# Email Security
# Investigate
## Search email messages
`client.EmailSecurity.Investigate.List(ctx, params) (*V4PagePaginationArray[InvestigateListResponse], error)`
**get** `/accounts/{account_id}/email-security/investigate`
Returns information for each email that matches the search parameter(s).
If the search takes too long, the endpoint returns 202 with a Location header
pointing to a polling endpoint where results can be retrieved once ready.
### Parameters
- `params InvestigateListParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `ActionLog param.Field[bool]`
Query param: Determines if the message action log is included in the response.
- `AlertID param.Field[string]`
Query param
- `Cursor param.Field[string]`
Query param
- `DetectionsOnly param.Field[bool]`
Query param: Determines if the search results will include detections or not.
- `Domain param.Field[string]`
Query param: Filter by a domain found in the email: sender domain, recipient domain, or a domain in a link.
- `End param.Field[Time]`
Query param: The end of the search date range.
Defaults to `now` if not provided.
- `ExactSubject param.Field[string]`
Query param: Search for messages with an exact subject match.
- `FinalDisposition param.Field[InvestigateListParamsFinalDisposition]`
Query param: The dispositions the search filters by.
- `const InvestigateListParamsFinalDispositionMalicious InvestigateListParamsFinalDisposition = "MALICIOUS"`
- `const InvestigateListParamsFinalDispositionSuspicious InvestigateListParamsFinalDisposition = "SUSPICIOUS"`
- `const InvestigateListParamsFinalDispositionSpoof InvestigateListParamsFinalDisposition = "SPOOF"`
- `const InvestigateListParamsFinalDispositionSpam InvestigateListParamsFinalDisposition = "SPAM"`
- `const InvestigateListParamsFinalDispositionBulk InvestigateListParamsFinalDisposition = "BULK"`
- `const InvestigateListParamsFinalDispositionNone InvestigateListParamsFinalDisposition = "NONE"`
- `MessageAction param.Field[InvestigateListParamsMessageAction]`
Query param: The message actions the search filters by.
- `const InvestigateListParamsMessageActionPreview InvestigateListParamsMessageAction = "PREVIEW"`
- `const InvestigateListParamsMessageActionQuarantineReleased InvestigateListParamsMessageAction = "QUARANTINE_RELEASED"`
- `const InvestigateListParamsMessageActionMoved InvestigateListParamsMessageAction = "MOVED"`
- `const InvestigateListParamsMessageActionSubmitted InvestigateListParamsMessageAction = "SUBMITTED"`
- `MessageID param.Field[string]`
Query param
- `Metric param.Field[string]`
Query param
- `Page param.Field[int64]`
Query param: Deprecated: Use cursor pagination instead.
- `PerPage param.Field[int64]`
Query param: The number of results per page.
- `Query param.Field[string]`
Query param: The space-delimited term used in the query. The search is case-insensitive.
The content of the following email metadata fields are searched:
* alert_id
* CC
* From (envelope_from)
* From Name
* final_disposition
* md5 hash (of any attachment)
* sha1 hash (of any attachment)
* sha256 hash (of any attachment)
* name (of any attachment)
* Reason
* Received DateTime (yyyy-mm-ddThh:mm:ss)
* Sent DateTime (yyyy-mm-ddThh:mm:ss)
* ReplyTo
* To (envelope_to)
* To Name
* Message-ID
* smtp_helo_server_ip
* smtp_previous_hop_ip
* x_originating_ip
* Subject
- `Recipient param.Field[string]`
Query param: Filter by recipient. Matches either an email address or a domain.
- `Sender param.Field[string]`
Query param: Filter by sender. Matches either an email address or a domain.
- `Start param.Field[Time]`
Query param: The beginning of the search date range.
Defaults to `now - 30 days` if not provided.
- `Subject param.Field[string]`
Query param: Search for messages containing individual keywords in any order within the subject.
- `Submissions param.Field[bool]`
Query param: Search for submissions instead of original messages
### Returns
- `type InvestigateListResponse struct{…}`
- `ID string`
- `ActionLog unknown`
- `ClientRecipients []string`
- `DetectionReasons []string`
- `IsPhishSubmission bool`
- `IsQuarantined bool`
- `PostfixID string`
The identifier of the message.
- `Properties InvestigateListResponseProperties`
- `AllowlistedPattern string`
- `AllowlistedPatternType InvestigateListResponsePropertiesAllowlistedPatternType`
- `const InvestigateListResponsePropertiesAllowlistedPatternTypeQuarantineRelease InvestigateListResponsePropertiesAllowlistedPatternType = "quarantine_release"`
- `const InvestigateListResponsePropertiesAllowlistedPatternTypeAcceptableSender InvestigateListResponsePropertiesAllowlistedPatternType = "acceptable_sender"`
- `const InvestigateListResponsePropertiesAllowlistedPatternTypeAllowedSender InvestigateListResponsePropertiesAllowlistedPatternType = "allowed_sender"`
- `const InvestigateListResponsePropertiesAllowlistedPatternTypeAllowedRecipient InvestigateListResponsePropertiesAllowlistedPatternType = "allowed_recipient"`
- `const InvestigateListResponsePropertiesAllowlistedPatternTypeDomainSimilarity InvestigateListResponsePropertiesAllowlistedPatternType = "domain_similarity"`
- `const InvestigateListResponsePropertiesAllowlistedPatternTypeDomainRecency InvestigateListResponsePropertiesAllowlistedPatternType = "domain_recency"`
- `const InvestigateListResponsePropertiesAllowlistedPatternTypeManagedAcceptableSender InvestigateListResponsePropertiesAllowlistedPatternType = "managed_acceptable_sender"`
- `const InvestigateListResponsePropertiesAllowlistedPatternTypeOutboundNdr InvestigateListResponsePropertiesAllowlistedPatternType = "outbound_ndr"`
- `BlocklistedMessage bool`
- `BlocklistedPattern string`
- `WhitelistedPatternType InvestigateListResponsePropertiesWhitelistedPatternType`
- `const InvestigateListResponsePropertiesWhitelistedPatternTypeQuarantineRelease InvestigateListResponsePropertiesWhitelistedPatternType = "quarantine_release"`
- `const InvestigateListResponsePropertiesWhitelistedPatternTypeAcceptableSender InvestigateListResponsePropertiesWhitelistedPatternType = "acceptable_sender"`
- `const InvestigateListResponsePropertiesWhitelistedPatternTypeAllowedSender InvestigateListResponsePropertiesWhitelistedPatternType = "allowed_sender"`
- `const InvestigateListResponsePropertiesWhitelistedPatternTypeAllowedRecipient InvestigateListResponsePropertiesWhitelistedPatternType = "allowed_recipient"`
- `const InvestigateListResponsePropertiesWhitelistedPatternTypeDomainSimilarity InvestigateListResponsePropertiesWhitelistedPatternType = "domain_similarity"`
- `const InvestigateListResponsePropertiesWhitelistedPatternTypeDomainRecency InvestigateListResponsePropertiesWhitelistedPatternType = "domain_recency"`
- `const InvestigateListResponsePropertiesWhitelistedPatternTypeManagedAcceptableSender InvestigateListResponsePropertiesWhitelistedPatternType = "managed_acceptable_sender"`
- `const InvestigateListResponsePropertiesWhitelistedPatternTypeOutboundNdr InvestigateListResponsePropertiesWhitelistedPatternType = "outbound_ndr"`
- `Ts string`
Deprecated, use `scanned_at` instead
- `AlertID string`
- `DeliveryMode InvestigateListResponseDeliveryMode`
- `const InvestigateListResponseDeliveryModeDirect InvestigateListResponseDeliveryMode = "DIRECT"`
- `const InvestigateListResponseDeliveryModeBcc InvestigateListResponseDeliveryMode = "BCC"`
- `const InvestigateListResponseDeliveryModeJournal InvestigateListResponseDeliveryMode = "JOURNAL"`
- `const InvestigateListResponseDeliveryModeReviewSubmission InvestigateListResponseDeliveryMode = "REVIEW_SUBMISSION"`
- `const InvestigateListResponseDeliveryModeDMARCUnverified InvestigateListResponseDeliveryMode = "DMARC_UNVERIFIED"`
- `const InvestigateListResponseDeliveryModeDMARCFailureReport InvestigateListResponseDeliveryMode = "DMARC_FAILURE_REPORT"`
- `const InvestigateListResponseDeliveryModeDMARCAggregateReport InvestigateListResponseDeliveryMode = "DMARC_AGGREGATE_REPORT"`
- `const InvestigateListResponseDeliveryModeThreatIntelSubmission InvestigateListResponseDeliveryMode = "THREAT_INTEL_SUBMISSION"`
- `const InvestigateListResponseDeliveryModeSimulationSubmission InvestigateListResponseDeliveryMode = "SIMULATION_SUBMISSION"`
- `const InvestigateListResponseDeliveryModeAPI InvestigateListResponseDeliveryMode = "API"`
- `const InvestigateListResponseDeliveryModeRetroScan InvestigateListResponseDeliveryMode = "RETRO_SCAN"`
- `EdfHash string`
- `EnvelopeFrom string`
- `EnvelopeTo []string`
- `FinalDisposition InvestigateListResponseFinalDisposition`
- `const InvestigateListResponseFinalDispositionMalicious InvestigateListResponseFinalDisposition = "MALICIOUS"`
- `const InvestigateListResponseFinalDispositionMaliciousBec InvestigateListResponseFinalDisposition = "MALICIOUS-BEC"`
- `const InvestigateListResponseFinalDispositionSuspicious InvestigateListResponseFinalDisposition = "SUSPICIOUS"`
- `const InvestigateListResponseFinalDispositionSpoof InvestigateListResponseFinalDisposition = "SPOOF"`
- `const InvestigateListResponseFinalDispositionSpam InvestigateListResponseFinalDisposition = "SPAM"`
- `const InvestigateListResponseFinalDispositionBulk InvestigateListResponseFinalDisposition = "BULK"`
- `const InvestigateListResponseFinalDispositionEncrypted InvestigateListResponseFinalDisposition = "ENCRYPTED"`
- `const InvestigateListResponseFinalDispositionExternal InvestigateListResponseFinalDisposition = "EXTERNAL"`
- `const InvestigateListResponseFinalDispositionUnknown InvestigateListResponseFinalDisposition = "UNKNOWN"`
- `const InvestigateListResponseFinalDispositionNone InvestigateListResponseFinalDisposition = "NONE"`
- `Findings []InvestigateListResponseFinding`
- `Attachment string`
- `Detail string`
- `Detection InvestigateListResponseFindingsDetection`
- `const InvestigateListResponseFindingsDetectionMalicious InvestigateListResponseFindingsDetection = "MALICIOUS"`
- `const InvestigateListResponseFindingsDetectionMaliciousBec InvestigateListResponseFindingsDetection = "MALICIOUS-BEC"`
- `const InvestigateListResponseFindingsDetectionSuspicious InvestigateListResponseFindingsDetection = "SUSPICIOUS"`
- `const InvestigateListResponseFindingsDetectionSpoof InvestigateListResponseFindingsDetection = "SPOOF"`
- `const InvestigateListResponseFindingsDetectionSpam InvestigateListResponseFindingsDetection = "SPAM"`
- `const InvestigateListResponseFindingsDetectionBulk InvestigateListResponseFindingsDetection = "BULK"`
- `const InvestigateListResponseFindingsDetectionEncrypted InvestigateListResponseFindingsDetection = "ENCRYPTED"`
- `const InvestigateListResponseFindingsDetectionExternal InvestigateListResponseFindingsDetection = "EXTERNAL"`
- `const InvestigateListResponseFindingsDetectionUnknown InvestigateListResponseFindingsDetection = "UNKNOWN"`
- `const InvestigateListResponseFindingsDetectionNone InvestigateListResponseFindingsDetection = "NONE"`
- `Field string`
- `Name string`
- `Portion string`
- `Reason string`
- `Score float64`
- `Value string`
- `From string`
- `FromName string`
- `HtmltextStructureHash string`
- `MessageID string`
- `PostDeliveryOperations []InvestigateListResponsePostDeliveryOperation`
- `const InvestigateListResponsePostDeliveryOperationPreview InvestigateListResponsePostDeliveryOperation = "PREVIEW"`
- `const InvestigateListResponsePostDeliveryOperationQuarantineRelease InvestigateListResponsePostDeliveryOperation = "QUARANTINE_RELEASE"`
- `const InvestigateListResponsePostDeliveryOperationSubmission InvestigateListResponsePostDeliveryOperation = "SUBMISSION"`
- `const InvestigateListResponsePostDeliveryOperationMove InvestigateListResponsePostDeliveryOperation = "MOVE"`
- `PostfixIDOutbound string`
- `Replyto string`
- `ScannedAt Time`
- `SentAt Time`
- `SentDate string`
Deprecated, use `sent_at` instead
- `Subject string`
- `ThreatCategories []string`
- `To []string`
- `ToName []string`
- `Validation InvestigateListResponseValidation`
- `Comment string`
- `DKIM InvestigateListResponseValidationDKIM`
- `const InvestigateListResponseValidationDKIMPass InvestigateListResponseValidationDKIM = "pass"`
- `const InvestigateListResponseValidationDKIMNeutral InvestigateListResponseValidationDKIM = "neutral"`
- `const InvestigateListResponseValidationDKIMFail InvestigateListResponseValidationDKIM = "fail"`
- `const InvestigateListResponseValidationDKIMError InvestigateListResponseValidationDKIM = "error"`
- `const InvestigateListResponseValidationDKIMNone InvestigateListResponseValidationDKIM = "none"`
- `DMARC InvestigateListResponseValidationDMARC`
- `const InvestigateListResponseValidationDMARCPass InvestigateListResponseValidationDMARC = "pass"`
- `const InvestigateListResponseValidationDMARCNeutral InvestigateListResponseValidationDMARC = "neutral"`
- `const InvestigateListResponseValidationDMARCFail InvestigateListResponseValidationDMARC = "fail"`
- `const InvestigateListResponseValidationDMARCError InvestigateListResponseValidationDMARC = "error"`
- `const InvestigateListResponseValidationDMARCNone InvestigateListResponseValidationDMARC = "none"`
- `SPF InvestigateListResponseValidationSPF`
- `const InvestigateListResponseValidationSPFPass InvestigateListResponseValidationSPF = "pass"`
- `const InvestigateListResponseValidationSPFNeutral InvestigateListResponseValidationSPF = "neutral"`
- `const InvestigateListResponseValidationSPFFail InvestigateListResponseValidationSPF = "fail"`
- `const InvestigateListResponseValidationSPFError InvestigateListResponseValidationSPF = "error"`
- `const InvestigateListResponseValidationSPFNone InvestigateListResponseValidationSPF = "none"`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
page, err := client.EmailSecurity.Investigate.List(context.TODO(), email_security.InvestigateListParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", page)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": [
{
"id": "4Njp3P0STMz2c02Q-2022-12-30T02:44:49-2a539d65",
"action_log": [],
"client_recipients": [
"email@example.com"
],
"detection_reasons": [
"Selector is a source of spam/uce : Smtp-Helo-Server-Ip=127.0.0[dot]186"
],
"is_phish_submission": false,
"is_quarantined": false,
"postfix_id": "47JJcT1w6GztQV7",
"properties": {
"allowlisted_pattern": "allowlisted_pattern",
"allowlisted_pattern_type": "quarantine_release",
"blocklisted_message": true,
"blocklisted_pattern": "blocklisted_pattern",
"whitelisted_pattern_type": "quarantine_release"
},
"ts": "2019-11-20T23:22:01",
"alert_id": "4Njp3P0STMz2c02Q-2022-12-30T02:44:49",
"delivery_mode": "DIRECT",
"edf_hash": null,
"envelope_from": "d1994@example.com",
"envelope_to": [
"email@example.com"
],
"final_disposition": "MALICIOUS",
"findings": [
{
"attachment": "attachment",
"detail": "detail",
"detection": "MALICIOUS",
"field": "field",
"name": "name",
"portion": "portion",
"reason": "reason",
"score": 0,
"value": "value"
}
],
"from": "d1994@example.com",
"from_name": "Sender Name",
"htmltext_structure_hash": null,
"message_id": "<4VAZPrAdg7IGNxdt1DWRNu0gvOeL_iZiwP4BQfo4DaE.Yw-woXuugQbeFhBpzwFQtqq_v2v1HOKznoMBqbciQpE@example.com>",
"post_delivery_operations": [
"PREVIEW"
],
"postfix_id_outbound": null,
"replyto": "email@example.com",
"scanned_at": "2019-11-20T23:22:01Z",
"sent_at": "2019-11-21T00:22:01Z",
"sent_date": "2019-11-21T00:22:01",
"subject": "listen, I highly recommend u to read that email, just to ensure not a thing will take place",
"threat_categories": [
"IPReputation",
"ASNReputation"
],
"to": [
"email@example.com"
],
"to_name": [
"Recipient Name"
],
"validation": {
"comment": null,
"dkim": "pass",
"dmarc": "none",
"spf": "fail"
}
}
],
"result_info": {
"count": 0,
"page": 0,
"per_page": 0,
"total_count": 0,
"next": "next",
"previous": "previous"
},
"success": true
}
```
## Get message details
`client.EmailSecurity.Investigate.Get(ctx, postfixID, query) (*InvestigateGetResponse, error)`
**get** `/accounts/{account_id}/email-security/investigate/{postfix_id}`
Retrieves detailed information about a specific email message, including headers,
metadata, and security scan results.
### Parameters
- `postfixID string`
The identifier of the message.
- `query InvestigateGetParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type InvestigateGetResponse struct{…}`
- `ID string`
- `ActionLog unknown`
- `ClientRecipients []string`
- `DetectionReasons []string`
- `IsPhishSubmission bool`
- `IsQuarantined bool`
- `PostfixID string`
The identifier of the message.
- `Properties InvestigateGetResponseProperties`
- `AllowlistedPattern string`
- `AllowlistedPatternType InvestigateGetResponsePropertiesAllowlistedPatternType`
- `const InvestigateGetResponsePropertiesAllowlistedPatternTypeQuarantineRelease InvestigateGetResponsePropertiesAllowlistedPatternType = "quarantine_release"`
- `const InvestigateGetResponsePropertiesAllowlistedPatternTypeAcceptableSender InvestigateGetResponsePropertiesAllowlistedPatternType = "acceptable_sender"`
- `const InvestigateGetResponsePropertiesAllowlistedPatternTypeAllowedSender InvestigateGetResponsePropertiesAllowlistedPatternType = "allowed_sender"`
- `const InvestigateGetResponsePropertiesAllowlistedPatternTypeAllowedRecipient InvestigateGetResponsePropertiesAllowlistedPatternType = "allowed_recipient"`
- `const InvestigateGetResponsePropertiesAllowlistedPatternTypeDomainSimilarity InvestigateGetResponsePropertiesAllowlistedPatternType = "domain_similarity"`
- `const InvestigateGetResponsePropertiesAllowlistedPatternTypeDomainRecency InvestigateGetResponsePropertiesAllowlistedPatternType = "domain_recency"`
- `const InvestigateGetResponsePropertiesAllowlistedPatternTypeManagedAcceptableSender InvestigateGetResponsePropertiesAllowlistedPatternType = "managed_acceptable_sender"`
- `const InvestigateGetResponsePropertiesAllowlistedPatternTypeOutboundNdr InvestigateGetResponsePropertiesAllowlistedPatternType = "outbound_ndr"`
- `BlocklistedMessage bool`
- `BlocklistedPattern string`
- `WhitelistedPatternType InvestigateGetResponsePropertiesWhitelistedPatternType`
- `const InvestigateGetResponsePropertiesWhitelistedPatternTypeQuarantineRelease InvestigateGetResponsePropertiesWhitelistedPatternType = "quarantine_release"`
- `const InvestigateGetResponsePropertiesWhitelistedPatternTypeAcceptableSender InvestigateGetResponsePropertiesWhitelistedPatternType = "acceptable_sender"`
- `const InvestigateGetResponsePropertiesWhitelistedPatternTypeAllowedSender InvestigateGetResponsePropertiesWhitelistedPatternType = "allowed_sender"`
- `const InvestigateGetResponsePropertiesWhitelistedPatternTypeAllowedRecipient InvestigateGetResponsePropertiesWhitelistedPatternType = "allowed_recipient"`
- `const InvestigateGetResponsePropertiesWhitelistedPatternTypeDomainSimilarity InvestigateGetResponsePropertiesWhitelistedPatternType = "domain_similarity"`
- `const InvestigateGetResponsePropertiesWhitelistedPatternTypeDomainRecency InvestigateGetResponsePropertiesWhitelistedPatternType = "domain_recency"`
- `const InvestigateGetResponsePropertiesWhitelistedPatternTypeManagedAcceptableSender InvestigateGetResponsePropertiesWhitelistedPatternType = "managed_acceptable_sender"`
- `const InvestigateGetResponsePropertiesWhitelistedPatternTypeOutboundNdr InvestigateGetResponsePropertiesWhitelistedPatternType = "outbound_ndr"`
- `Ts string`
Deprecated, use `scanned_at` instead
- `AlertID string`
- `DeliveryMode InvestigateGetResponseDeliveryMode`
- `const InvestigateGetResponseDeliveryModeDirect InvestigateGetResponseDeliveryMode = "DIRECT"`
- `const InvestigateGetResponseDeliveryModeBcc InvestigateGetResponseDeliveryMode = "BCC"`
- `const InvestigateGetResponseDeliveryModeJournal InvestigateGetResponseDeliveryMode = "JOURNAL"`
- `const InvestigateGetResponseDeliveryModeReviewSubmission InvestigateGetResponseDeliveryMode = "REVIEW_SUBMISSION"`
- `const InvestigateGetResponseDeliveryModeDMARCUnverified InvestigateGetResponseDeliveryMode = "DMARC_UNVERIFIED"`
- `const InvestigateGetResponseDeliveryModeDMARCFailureReport InvestigateGetResponseDeliveryMode = "DMARC_FAILURE_REPORT"`
- `const InvestigateGetResponseDeliveryModeDMARCAggregateReport InvestigateGetResponseDeliveryMode = "DMARC_AGGREGATE_REPORT"`
- `const InvestigateGetResponseDeliveryModeThreatIntelSubmission InvestigateGetResponseDeliveryMode = "THREAT_INTEL_SUBMISSION"`
- `const InvestigateGetResponseDeliveryModeSimulationSubmission InvestigateGetResponseDeliveryMode = "SIMULATION_SUBMISSION"`
- `const InvestigateGetResponseDeliveryModeAPI InvestigateGetResponseDeliveryMode = "API"`
- `const InvestigateGetResponseDeliveryModeRetroScan InvestigateGetResponseDeliveryMode = "RETRO_SCAN"`
- `EdfHash string`
- `EnvelopeFrom string`
- `EnvelopeTo []string`
- `FinalDisposition InvestigateGetResponseFinalDisposition`
- `const InvestigateGetResponseFinalDispositionMalicious InvestigateGetResponseFinalDisposition = "MALICIOUS"`
- `const InvestigateGetResponseFinalDispositionMaliciousBec InvestigateGetResponseFinalDisposition = "MALICIOUS-BEC"`
- `const InvestigateGetResponseFinalDispositionSuspicious InvestigateGetResponseFinalDisposition = "SUSPICIOUS"`
- `const InvestigateGetResponseFinalDispositionSpoof InvestigateGetResponseFinalDisposition = "SPOOF"`
- `const InvestigateGetResponseFinalDispositionSpam InvestigateGetResponseFinalDisposition = "SPAM"`
- `const InvestigateGetResponseFinalDispositionBulk InvestigateGetResponseFinalDisposition = "BULK"`
- `const InvestigateGetResponseFinalDispositionEncrypted InvestigateGetResponseFinalDisposition = "ENCRYPTED"`
- `const InvestigateGetResponseFinalDispositionExternal InvestigateGetResponseFinalDisposition = "EXTERNAL"`
- `const InvestigateGetResponseFinalDispositionUnknown InvestigateGetResponseFinalDisposition = "UNKNOWN"`
- `const InvestigateGetResponseFinalDispositionNone InvestigateGetResponseFinalDisposition = "NONE"`
- `Findings []InvestigateGetResponseFinding`
- `Attachment string`
- `Detail string`
- `Detection InvestigateGetResponseFindingsDetection`
- `const InvestigateGetResponseFindingsDetectionMalicious InvestigateGetResponseFindingsDetection = "MALICIOUS"`
- `const InvestigateGetResponseFindingsDetectionMaliciousBec InvestigateGetResponseFindingsDetection = "MALICIOUS-BEC"`
- `const InvestigateGetResponseFindingsDetectionSuspicious InvestigateGetResponseFindingsDetection = "SUSPICIOUS"`
- `const InvestigateGetResponseFindingsDetectionSpoof InvestigateGetResponseFindingsDetection = "SPOOF"`
- `const InvestigateGetResponseFindingsDetectionSpam InvestigateGetResponseFindingsDetection = "SPAM"`
- `const InvestigateGetResponseFindingsDetectionBulk InvestigateGetResponseFindingsDetection = "BULK"`
- `const InvestigateGetResponseFindingsDetectionEncrypted InvestigateGetResponseFindingsDetection = "ENCRYPTED"`
- `const InvestigateGetResponseFindingsDetectionExternal InvestigateGetResponseFindingsDetection = "EXTERNAL"`
- `const InvestigateGetResponseFindingsDetectionUnknown InvestigateGetResponseFindingsDetection = "UNKNOWN"`
- `const InvestigateGetResponseFindingsDetectionNone InvestigateGetResponseFindingsDetection = "NONE"`
- `Field string`
- `Name string`
- `Portion string`
- `Reason string`
- `Score float64`
- `Value string`
- `From string`
- `FromName string`
- `HtmltextStructureHash string`
- `MessageID string`
- `PostDeliveryOperations []InvestigateGetResponsePostDeliveryOperation`
- `const InvestigateGetResponsePostDeliveryOperationPreview InvestigateGetResponsePostDeliveryOperation = "PREVIEW"`
- `const InvestigateGetResponsePostDeliveryOperationQuarantineRelease InvestigateGetResponsePostDeliveryOperation = "QUARANTINE_RELEASE"`
- `const InvestigateGetResponsePostDeliveryOperationSubmission InvestigateGetResponsePostDeliveryOperation = "SUBMISSION"`
- `const InvestigateGetResponsePostDeliveryOperationMove InvestigateGetResponsePostDeliveryOperation = "MOVE"`
- `PostfixIDOutbound string`
- `Replyto string`
- `ScannedAt Time`
- `SentAt Time`
- `SentDate string`
Deprecated, use `sent_at` instead
- `Subject string`
- `ThreatCategories []string`
- `To []string`
- `ToName []string`
- `Validation InvestigateGetResponseValidation`
- `Comment string`
- `DKIM InvestigateGetResponseValidationDKIM`
- `const InvestigateGetResponseValidationDKIMPass InvestigateGetResponseValidationDKIM = "pass"`
- `const InvestigateGetResponseValidationDKIMNeutral InvestigateGetResponseValidationDKIM = "neutral"`
- `const InvestigateGetResponseValidationDKIMFail InvestigateGetResponseValidationDKIM = "fail"`
- `const InvestigateGetResponseValidationDKIMError InvestigateGetResponseValidationDKIM = "error"`
- `const InvestigateGetResponseValidationDKIMNone InvestigateGetResponseValidationDKIM = "none"`
- `DMARC InvestigateGetResponseValidationDMARC`
- `const InvestigateGetResponseValidationDMARCPass InvestigateGetResponseValidationDMARC = "pass"`
- `const InvestigateGetResponseValidationDMARCNeutral InvestigateGetResponseValidationDMARC = "neutral"`
- `const InvestigateGetResponseValidationDMARCFail InvestigateGetResponseValidationDMARC = "fail"`
- `const InvestigateGetResponseValidationDMARCError InvestigateGetResponseValidationDMARC = "error"`
- `const InvestigateGetResponseValidationDMARCNone InvestigateGetResponseValidationDMARC = "none"`
- `SPF InvestigateGetResponseValidationSPF`
- `const InvestigateGetResponseValidationSPFPass InvestigateGetResponseValidationSPF = "pass"`
- `const InvestigateGetResponseValidationSPFNeutral InvestigateGetResponseValidationSPF = "neutral"`
- `const InvestigateGetResponseValidationSPFFail InvestigateGetResponseValidationSPF = "fail"`
- `const InvestigateGetResponseValidationSPFError InvestigateGetResponseValidationSPF = "error"`
- `const InvestigateGetResponseValidationSPFNone InvestigateGetResponseValidationSPF = "none"`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
investigate, err := client.EmailSecurity.Investigate.Get(
context.TODO(),
"4Njp3P0STMz2c02Q",
email_security.InvestigateGetParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", investigate.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": "4Njp3P0STMz2c02Q-2022-12-30T02:44:49-2a539d65",
"action_log": [],
"client_recipients": [
"email@example.com"
],
"detection_reasons": [
"Selector is a source of spam/uce : Smtp-Helo-Server-Ip=127.0.0[dot]186"
],
"is_phish_submission": false,
"is_quarantined": false,
"postfix_id": "47JJcT1w6GztQV7",
"properties": {
"allowlisted_pattern": "allowlisted_pattern",
"allowlisted_pattern_type": "quarantine_release",
"blocklisted_message": true,
"blocklisted_pattern": "blocklisted_pattern",
"whitelisted_pattern_type": "quarantine_release"
},
"ts": "2019-11-20T23:22:01",
"alert_id": "4Njp3P0STMz2c02Q-2022-12-30T02:44:49",
"delivery_mode": "DIRECT",
"edf_hash": null,
"envelope_from": "d1994@example.com",
"envelope_to": [
"email@example.com"
],
"final_disposition": "MALICIOUS",
"findings": [
{
"attachment": "attachment",
"detail": "detail",
"detection": "MALICIOUS",
"field": "field",
"name": "name",
"portion": "portion",
"reason": "reason",
"score": 0,
"value": "value"
}
],
"from": "d1994@example.com",
"from_name": "Sender Name",
"htmltext_structure_hash": null,
"message_id": "<4VAZPrAdg7IGNxdt1DWRNu0gvOeL_iZiwP4BQfo4DaE.Yw-woXuugQbeFhBpzwFQtqq_v2v1HOKznoMBqbciQpE@example.com>",
"post_delivery_operations": [
"PREVIEW"
],
"postfix_id_outbound": null,
"replyto": "email@example.com",
"scanned_at": "2019-11-20T23:22:01Z",
"sent_at": "2019-11-21T00:22:01Z",
"sent_date": "2019-11-21T00:22:01",
"subject": "listen, I highly recommend u to read that email, just to ensure not a thing will take place",
"threat_categories": [
"IPReputation",
"ASNReputation"
],
"to": [
"email@example.com"
],
"to_name": [
"Recipient Name"
],
"validation": {
"comment": null,
"dkim": "pass",
"dmarc": "none",
"spf": "fail"
}
},
"success": true
}
```
# Detections
## Get message detection details
`client.EmailSecurity.Investigate.Detections.Get(ctx, postfixID, query) (*InvestigateDetectionGetResponse, error)`
**get** `/accounts/{account_id}/email-security/investigate/{postfix_id}/detections`
Returns detection details such as threat categories and sender information for non-benign messages.
### Parameters
- `postfixID string`
The identifier of the message.
- `query InvestigateDetectionGetParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type InvestigateDetectionGetResponse struct{…}`
- `Action string`
- `Attachments []InvestigateDetectionGetResponseAttachment`
- `Size int64`
- `ContentType string`
- `Detection InvestigateDetectionGetResponseAttachmentsDetection`
- `const InvestigateDetectionGetResponseAttachmentsDetectionMalicious InvestigateDetectionGetResponseAttachmentsDetection = "MALICIOUS"`
- `const InvestigateDetectionGetResponseAttachmentsDetectionMaliciousBec InvestigateDetectionGetResponseAttachmentsDetection = "MALICIOUS-BEC"`
- `const InvestigateDetectionGetResponseAttachmentsDetectionSuspicious InvestigateDetectionGetResponseAttachmentsDetection = "SUSPICIOUS"`
- `const InvestigateDetectionGetResponseAttachmentsDetectionSpoof InvestigateDetectionGetResponseAttachmentsDetection = "SPOOF"`
- `const InvestigateDetectionGetResponseAttachmentsDetectionSpam InvestigateDetectionGetResponseAttachmentsDetection = "SPAM"`
- `const InvestigateDetectionGetResponseAttachmentsDetectionBulk InvestigateDetectionGetResponseAttachmentsDetection = "BULK"`
- `const InvestigateDetectionGetResponseAttachmentsDetectionEncrypted InvestigateDetectionGetResponseAttachmentsDetection = "ENCRYPTED"`
- `const InvestigateDetectionGetResponseAttachmentsDetectionExternal InvestigateDetectionGetResponseAttachmentsDetection = "EXTERNAL"`
- `const InvestigateDetectionGetResponseAttachmentsDetectionUnknown InvestigateDetectionGetResponseAttachmentsDetection = "UNKNOWN"`
- `const InvestigateDetectionGetResponseAttachmentsDetectionNone InvestigateDetectionGetResponseAttachmentsDetection = "NONE"`
- `Encrypted bool`
- `Name string`
- `Headers []InvestigateDetectionGetResponseHeader`
- `Name string`
- `Value string`
- `Links []InvestigateDetectionGetResponseLink`
- `Href string`
- `Text string`
- `SenderInfo InvestigateDetectionGetResponseSenderInfo`
- `AsName string`
The name of the autonomous system.
- `AsNumber int64`
The number of the autonomous system.
- `Geo string`
- `IP string`
- `Pld string`
- `ThreatCategories []InvestigateDetectionGetResponseThreatCategory`
- `ID int64`
- `Description string`
- `Name string`
- `Validation InvestigateDetectionGetResponseValidation`
- `Comment string`
- `DKIM InvestigateDetectionGetResponseValidationDKIM`
- `const InvestigateDetectionGetResponseValidationDKIMPass InvestigateDetectionGetResponseValidationDKIM = "pass"`
- `const InvestigateDetectionGetResponseValidationDKIMNeutral InvestigateDetectionGetResponseValidationDKIM = "neutral"`
- `const InvestigateDetectionGetResponseValidationDKIMFail InvestigateDetectionGetResponseValidationDKIM = "fail"`
- `const InvestigateDetectionGetResponseValidationDKIMError InvestigateDetectionGetResponseValidationDKIM = "error"`
- `const InvestigateDetectionGetResponseValidationDKIMNone InvestigateDetectionGetResponseValidationDKIM = "none"`
- `DMARC InvestigateDetectionGetResponseValidationDMARC`
- `const InvestigateDetectionGetResponseValidationDMARCPass InvestigateDetectionGetResponseValidationDMARC = "pass"`
- `const InvestigateDetectionGetResponseValidationDMARCNeutral InvestigateDetectionGetResponseValidationDMARC = "neutral"`
- `const InvestigateDetectionGetResponseValidationDMARCFail InvestigateDetectionGetResponseValidationDMARC = "fail"`
- `const InvestigateDetectionGetResponseValidationDMARCError InvestigateDetectionGetResponseValidationDMARC = "error"`
- `const InvestigateDetectionGetResponseValidationDMARCNone InvestigateDetectionGetResponseValidationDMARC = "none"`
- `SPF InvestigateDetectionGetResponseValidationSPF`
- `const InvestigateDetectionGetResponseValidationSPFPass InvestigateDetectionGetResponseValidationSPF = "pass"`
- `const InvestigateDetectionGetResponseValidationSPFNeutral InvestigateDetectionGetResponseValidationSPF = "neutral"`
- `const InvestigateDetectionGetResponseValidationSPFFail InvestigateDetectionGetResponseValidationSPF = "fail"`
- `const InvestigateDetectionGetResponseValidationSPFError InvestigateDetectionGetResponseValidationSPF = "error"`
- `const InvestigateDetectionGetResponseValidationSPFNone InvestigateDetectionGetResponseValidationSPF = "none"`
- `FinalDisposition InvestigateDetectionGetResponseFinalDisposition`
- `const InvestigateDetectionGetResponseFinalDispositionMalicious InvestigateDetectionGetResponseFinalDisposition = "MALICIOUS"`
- `const InvestigateDetectionGetResponseFinalDispositionMaliciousBec InvestigateDetectionGetResponseFinalDisposition = "MALICIOUS-BEC"`
- `const InvestigateDetectionGetResponseFinalDispositionSuspicious InvestigateDetectionGetResponseFinalDisposition = "SUSPICIOUS"`
- `const InvestigateDetectionGetResponseFinalDispositionSpoof InvestigateDetectionGetResponseFinalDisposition = "SPOOF"`
- `const InvestigateDetectionGetResponseFinalDispositionSpam InvestigateDetectionGetResponseFinalDisposition = "SPAM"`
- `const InvestigateDetectionGetResponseFinalDispositionBulk InvestigateDetectionGetResponseFinalDisposition = "BULK"`
- `const InvestigateDetectionGetResponseFinalDispositionEncrypted InvestigateDetectionGetResponseFinalDisposition = "ENCRYPTED"`
- `const InvestigateDetectionGetResponseFinalDispositionExternal InvestigateDetectionGetResponseFinalDisposition = "EXTERNAL"`
- `const InvestigateDetectionGetResponseFinalDispositionUnknown InvestigateDetectionGetResponseFinalDisposition = "UNKNOWN"`
- `const InvestigateDetectionGetResponseFinalDispositionNone InvestigateDetectionGetResponseFinalDisposition = "NONE"`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
detection, err := client.EmailSecurity.Investigate.Detections.Get(
context.TODO(),
"4Njp3P0STMz2c02Q",
email_security.InvestigateDetectionGetParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", detection.Validation)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"action": "QUARANTINED",
"attachments": [
{
"size": 0,
"content_type": "content_type",
"detection": "MALICIOUS",
"encrypted": true,
"name": "name"
}
],
"headers": [
{
"name": "From",
"value": "Sender Name "
},
{
"name": "Subject",
"value": "listen, I highly recommend u to read that email, just to ensure not a thing will take place"
}
],
"links": [
{
"href": "https://example.com",
"text": "Click here!"
}
],
"sender_info": {
"as_name": "AS0",
"as_number": 0,
"geo": "US/-/-",
"ip": "127.0.0.1",
"pld": "example.com"
},
"threat_categories": [
{
"id": 1234,
"description": null,
"name": "IP Reputation"
}
],
"validation": {
"comment": null,
"dkim": "pass",
"dmarc": "none",
"spf": "fail"
},
"final_disposition": "MALICIOUS"
},
"success": true
}
```
# Preview
## Get email preview
`client.EmailSecurity.Investigate.Preview.Get(ctx, postfixID, query) (*InvestigatePreviewGetResponse, error)`
**get** `/accounts/{account_id}/email-security/investigate/{postfix_id}/preview`
Returns a preview of the message body as a base64 encoded PNG image for non-benign messages.
### Parameters
- `postfixID string`
The identifier of the message.
- `query InvestigatePreviewGetParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type InvestigatePreviewGetResponse struct{…}`
- `Screenshot string`
A base64 encoded PNG image of the email.
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
preview, err := client.EmailSecurity.Investigate.Preview.Get(
context.TODO(),
"4Njp3P0STMz2c02Q",
email_security.InvestigatePreviewGetParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", preview.Screenshot)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"screenshot": "iVBORw0KGgoAAAANSUhEUgAAAGAAAABgCAYAAADimHc4AAAAAXNSR0IArs4c6QAAAIRlWElmTU0AKgAAAAgABQESAAMAAAABAAEAAAEaAAUAAAABAAAASgEbAAUAAAABAAAAUgEoAAMAAAABAAIAAIdpAAQAAAABAAAAWgAAAAAAAABgAAAAAQAAAGAAAAABAAOgAQADAAAAAQABAACgAgAEAAAAAQAAAGCgAwAEAAAAAQAAAGAAAAAAtVTeigAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAVlpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDYuMC4wIj4KICAgPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4KICAgICAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgICAgICAgICAgeG1sbnM6dGlmZj0iaHR0cDovL25zLmFkb2JlLmNvbS90aWZmLzEuMC8iPgogICAgICAgICA8dGlmZjpPcmllbnRhdGlvbj4xPC90aWZmOk9yaWVudGF0aW9uPgogICAgICA8L3JkZjpEZXNjcmlwdGlvbj4KICAgPC9yZGY6UkRGPgo8L3g6eG1wbWV0YT4KGV7hBwAACXtJREFUeAHtmwtwXFUZgP9zX7t3b7LNa9M2tGmLDbaWKpL6aBBJHdERQWGkU4u8CraVWmYQYWQUMSoKhZJikYo4Qqc6RVqkKmNHC0K1FGYoM9pqS4FAa9s0aTavfd3d+zq/527YSNvdzWY3m2ySc2c2595z/vOf///+e+4959wTAH5wApwAJ8AJcAKcACfACXACnAAnwAlwApwAJ8AJcAKcACfACXACnAAnwAlwApwAJ8AJcAKcACfACXACnAAnwAlwAhOJABmvzuCz158HXmUp2rCEOlhGbEdFh2qASFAgtiCKMUGgh8FM7IDDp3aQlt12Kfo6rgKAz3ylAQ3rJ/Fg39XYfyx32wUJpJpZ7wiq8LPebuGJaXfuipVKMHJ3YowsRgQC265aE+/quYf2/Le2YDM85aBOn/m7GDHX+m/4W0/B+gpUUNIBwN98rknvif4J+9urC/Tz7OqKBp66+vWSUf9dsvpx62yB0ckpyQDgLxtlS5iyyTx59OuATlFJkOrZYV9l7afItdv/XdSGMigvuQBEHmyqJRLug9DJ+gw2j3y2qIDWcOEPyFef/tHIK8+usaQCEGpdPFd0rEMQC8rZzS5OqXr+JU+JV2+5pjja02sV0mePfm7/I5+eIznm22MF3/U4/p+/L3d23LhxNL0viR7Qs/ETfo/lnIBIsHw0nU/bFiGgLbp0BfnirzanLR/hzJLoAV6QXywJ+C5cNu6N7d/7JD6zat4Is06rbswDENvU/A3sPd6Y1rqxyjRjkDj1zp7RaH5MA3CkpdkL0fAvRsPR4bbhBNtqcNvS7w233nDlxzQAgUp7E+pjPhnNyEw/duRefJLdJEU8pGLo7mptnuuTSJNHkeaBIPhMK/6Gbjm7A7ftfTPV3sGWBQpEu1ekrksxxWgQoLr6Tmbbj4tl34iOgmIbPnsLG8w9hKETajqDiX86sCXJe/1a4D4QEnfF2t/6fjq5UsojFTNQu21v0Z4UIxKA4LqL6nwyfQ3DJ8/JBR7x1wGIEmDfsVzEx1xGO3f+xeT6v7xcDEMKjmystXmRSkPtucJ3nWCy4wZ+0l7wfLsY8F2dBQWg46cfDaDVtw+MSLHsKwm98VDky8UypKAA+BVpF8T7i2Vb6eg1IiPyqE7nUN6joL51jUsw2nVBOqUTLc9TGfi965O++dLlomZvBSICyBoQpdyQVP8R4hFfgAQ+Spb8/PBwfc87AGWadrcR7x5ue+NS3qK2OxQFpcq72jGi7CXGvlGYYUAz7LGi7e6Shftba/x5ma1UB9ZDL2khlz1iuHWGOvJ+BJl65DNDKZ8I5UL17E515a4jri+OEbsoq096l2QeP3iXaR5N4MurH8SWliH5DimQqUHUezMVTah8tVx7wHUIdy6/gv3N7YlhRcHseOsOc9HBKL54S9Z1rrwCcLxlQdWEopzJGfbdGG7Y+XAyABK9MZNYxvx4t2r2vv067l55ayaZvAJgQ0zPpHAi5StT52xjnwfQ9cnWI9kfP5kcZ+8LM9i2EXfffE86kbwCMBuOmiCnXW1I18a4zCO+KuiVrZtSxqMVn5o6zyc1g+/+EF+47uYz6+Y8vg0/vPhygQjLRFH5JLXNWgx3+oGW5GazM33M61o+Z96VnpV//WOqsrF9SbInpK7zStnwVdDqmuQvbHk1VT9rAI63Lq6qJnQTNfRlkAin6kz4VKit/5ZvzZ7ksz/lrPmHy6KsF7CXQoGHp1JXOmoqUnuRMj6CEq0ff6Ay2tVDQ52TB77INmME6lecCd9FLlfUPFUg+oHqRp+Pzk08mtJ1Vg/oallQVlZR/i/a3/GBlNBkSIWqGW2iR7vCs3pX2tksvtQi2frBU1TvLnwEKChgls2ZWv75x7pOC4C7O8GbMNvYGD8wGaAD27QrT2s4KsrON6UVz+8cymd8fZUPYvLzZk9bEzjmUOJZy5VAw29J8+PXnRaAWGvjIQx3z89aM89CEmhwRMUXQVGRmOMC+x5AWOr+2NIKSwl7Ggoish8lRKDsSxplTVnuTwTU2aZzQwCMszehxXYu2AIhCQDKpvvERAImUGIK7jXSePJHWWpRHWw7wQYLcaDolplA0GLnukWddvmmpw+khpnDcQvfXF8DAlkKhnkhmEY52IYKlqGiZWho2z5KDYWtEPtpondGRr3eKlDKFsqDAQhvaLxfCHV/J2OFQgpkL2g152mw6rl4Pg4X0nSx6iL7PwQ4tF0GpXOAYchDIdIxMFIKHkRQKz2m8W4nWzcqz2SDUvfhS5KVO+9vXFhm9B5gd0gm2YLzhepze8G2goiCA6J7dxN31y0bxxKbBcUdz9psJ3ryjgc2d2Gb0m0KaDGTbHbHs/7Ozh1IUGC5wHoDEsthZQjUrWMTBMtheQSphQJYyFKB9Q6Kznup24Mck3Uvk1IITaP73iAtTFkeB+6/oxao8jHWA2ex3lVLEQPEtmqpZVewfxKpQjOmYLx/OpjR6mzqlfqFTyQDEHrogufESN/l2YQnXBmLuhyY+YpBjS/5177WM5R/+I9bA+Cl66ye0DUYbfcMJZ9LuVgz/wQJbrh4uho+wb4R5nUz5NJOact4/WznQ8VHylbuOZDJUNx97Vazu2P5SDMi5bNAKpetpfZkhe8SdyeYEfUVdlZ2ZgBwx5UVjoL7zWB7/ZllI3GNiW425vDVrBkJZeNaR/iUFnns4g+93wd89qpqC+Jtjh4uCvxkW1YMBDNhfvD9DU/Wc0VwBoff+FKz5JDwPrTNrC/Rglm5/zyIkVMF65kICmyHzRPeO5w+2Ow4dE7qumgpmwsIk2JXQw4E43H9n65Y75am8x2HfC2HKgWLEG+1I4BU1L2nBRs5GgrcLZM1t+9vd9vy+jx3j0abbhuypu0TSNnkWPbJBpWtV/w6VS6gsDR1XvQU6Vapa4qkJvrVaRTEMFvAsB2drcewQ/Q5BNj0JOSjA1NtljdFFwY/Srgzlwp1QNaVTx1inNU77dV12gU4qjSoI1XHictn5dla71l5KfnBdIjXl1U2oNcMKTh9SgfaPazthoHaXjswuBQ/8/ZX4ymdHVFHU+tmimoo4Ul4JBmdBFt5khDVBJtbS1junvt0REtO/tx6RLaSjIg+kKZ0oclktCibx//fP0HzCIIlCwnPFLn2+LHJsa8nBYSnnAAnwAlwApwAJ8AJcAKcACfACXACnAAnwAlwApwAJ8AJcAKcACfACXACnAAnwAlwApwAJ8AJcAKcACfACXACk4DA/wDoepVZ2hARhAAAAABJRU5ErkJggg=="
},
"success": true
}
```
## Preview for non-detection messages
`client.EmailSecurity.Investigate.Preview.New(ctx, params) (*InvestigatePreviewNewResponse, error)`
**post** `/accounts/{account_id}/email-security/investigate/preview`
Generates a preview of an email message for safe viewing without executing any
embedded content.
### Parameters
- `params InvestigatePreviewNewParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `PostfixID param.Field[string]`
Body param: The identifier of the message.
### Returns
- `type InvestigatePreviewNewResponse struct{…}`
- `Screenshot string`
A base64 encoded PNG image of the email.
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
preview, err := client.EmailSecurity.Investigate.Preview.New(context.TODO(), email_security.InvestigatePreviewNewParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
PostfixID: cloudflare.F("4Njp3P0STMz2c02Q"),
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", preview.Screenshot)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"screenshot": "iVBORw0KGgoAAAANSUhEUgAAAGAAAABgCAYAAADimHc4AAAAAXNSR0IArs4c6QAAAIRlWElmTU0AKgAAAAgABQESAAMAAAABAAEAAAEaAAUAAAABAAAASgEbAAUAAAABAAAAUgEoAAMAAAABAAIAAIdpAAQAAAABAAAAWgAAAAAAAABgAAAAAQAAAGAAAAABAAOgAQADAAAAAQABAACgAgAEAAAAAQAAAGCgAwAEAAAAAQAAAGAAAAAAtVTeigAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAVlpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDYuMC4wIj4KICAgPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4KICAgICAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgICAgICAgICAgeG1sbnM6dGlmZj0iaHR0cDovL25zLmFkb2JlLmNvbS90aWZmLzEuMC8iPgogICAgICAgICA8dGlmZjpPcmllbnRhdGlvbj4xPC90aWZmOk9yaWVudGF0aW9uPgogICAgICA8L3JkZjpEZXNjcmlwdGlvbj4KICAgPC9yZGY6UkRGPgo8L3g6eG1wbWV0YT4KGV7hBwAACXtJREFUeAHtmwtwXFUZgP9zX7t3b7LNa9M2tGmLDbaWKpL6aBBJHdERQWGkU4u8CraVWmYQYWQUMSoKhZJikYo4Qqc6RVqkKmNHC0K1FGYoM9pqS4FAa9s0aTavfd3d+zq/527YSNvdzWY3m2ySc2c2595z/vOf///+e+4959wTAH5wApwAJ8AJcAKcACfACXACnAAnwAlwApwAJ8AJcAKcACfACXACnAAnwAlwApwAJ8AJcAKcACfACXACnAAnwAlwAhOJABmvzuCz158HXmUp2rCEOlhGbEdFh2qASFAgtiCKMUGgh8FM7IDDp3aQlt12Kfo6rgKAz3ylAQ3rJ/Fg39XYfyx32wUJpJpZ7wiq8LPebuGJaXfuipVKMHJ3YowsRgQC265aE+/quYf2/Le2YDM85aBOn/m7GDHX+m/4W0/B+gpUUNIBwN98rknvif4J+9urC/Tz7OqKBp66+vWSUf9dsvpx62yB0ckpyQDgLxtlS5iyyTx59OuATlFJkOrZYV9l7afItdv/XdSGMigvuQBEHmyqJRLug9DJ+gw2j3y2qIDWcOEPyFef/tHIK8+usaQCEGpdPFd0rEMQC8rZzS5OqXr+JU+JV2+5pjja02sV0mePfm7/I5+eIznm22MF3/U4/p+/L3d23LhxNL0viR7Qs/ETfo/lnIBIsHw0nU/bFiGgLbp0BfnirzanLR/hzJLoAV6QXywJ+C5cNu6N7d/7JD6zat4Is06rbswDENvU/A3sPd6Y1rqxyjRjkDj1zp7RaH5MA3CkpdkL0fAvRsPR4bbhBNtqcNvS7w233nDlxzQAgUp7E+pjPhnNyEw/duRefJLdJEU8pGLo7mptnuuTSJNHkeaBIPhMK/6Gbjm7A7ftfTPV3sGWBQpEu1ekrksxxWgQoLr6Tmbbj4tl34iOgmIbPnsLG8w9hKETajqDiX86sCXJe/1a4D4QEnfF2t/6fjq5UsojFTNQu21v0Z4UIxKA4LqL6nwyfQ3DJ8/JBR7x1wGIEmDfsVzEx1xGO3f+xeT6v7xcDEMKjmystXmRSkPtucJ3nWCy4wZ+0l7wfLsY8F2dBQWg46cfDaDVtw+MSLHsKwm98VDky8UypKAA+BVpF8T7i2Vb6eg1IiPyqE7nUN6joL51jUsw2nVBOqUTLc9TGfi965O++dLlomZvBSICyBoQpdyQVP8R4hFfgAQ+Spb8/PBwfc87AGWadrcR7x5ue+NS3qK2OxQFpcq72jGi7CXGvlGYYUAz7LGi7e6Shftba/x5ma1UB9ZDL2khlz1iuHWGOvJ+BJl65DNDKZ8I5UL17E515a4jri+OEbsoq096l2QeP3iXaR5N4MurH8SWliH5DimQqUHUezMVTah8tVx7wHUIdy6/gv3N7YlhRcHseOsOc9HBKL54S9Z1rrwCcLxlQdWEopzJGfbdGG7Y+XAyABK9MZNYxvx4t2r2vv067l55ayaZvAJgQ0zPpHAi5StT52xjnwfQ9cnWI9kfP5kcZ+8LM9i2EXfffE86kbwCMBuOmiCnXW1I18a4zCO+KuiVrZtSxqMVn5o6zyc1g+/+EF+47uYz6+Y8vg0/vPhygQjLRFH5JLXNWgx3+oGW5GazM33M61o+Z96VnpV//WOqsrF9SbInpK7zStnwVdDqmuQvbHk1VT9rAI63Lq6qJnQTNfRlkAin6kz4VKit/5ZvzZ7ksz/lrPmHy6KsF7CXQoGHp1JXOmoqUnuRMj6CEq0ff6Ay2tVDQ52TB77INmME6lecCd9FLlfUPFUg+oHqRp+Pzk08mtJ1Vg/oallQVlZR/i/a3/GBlNBkSIWqGW2iR7vCs3pX2tksvtQi2frBU1TvLnwEKChgls2ZWv75x7pOC4C7O8GbMNvYGD8wGaAD27QrT2s4KsrON6UVz+8cymd8fZUPYvLzZk9bEzjmUOJZy5VAw29J8+PXnRaAWGvjIQx3z89aM89CEmhwRMUXQVGRmOMC+x5AWOr+2NIKSwl7Ggoish8lRKDsSxplTVnuTwTU2aZzQwCMszehxXYu2AIhCQDKpvvERAImUGIK7jXSePJHWWpRHWw7wQYLcaDolplA0GLnukWddvmmpw+khpnDcQvfXF8DAlkKhnkhmEY52IYKlqGiZWho2z5KDYWtEPtpondGRr3eKlDKFsqDAQhvaLxfCHV/J2OFQgpkL2g152mw6rl4Pg4X0nSx6iL7PwQ4tF0GpXOAYchDIdIxMFIKHkRQKz2m8W4nWzcqz2SDUvfhS5KVO+9vXFhm9B5gd0gm2YLzhepze8G2goiCA6J7dxN31y0bxxKbBcUdz9psJ3ryjgc2d2Gb0m0KaDGTbHbHs/7Ozh1IUGC5wHoDEsthZQjUrWMTBMtheQSphQJYyFKB9Q6Kznup24Mck3Uvk1IITaP73iAtTFkeB+6/oxao8jHWA2ex3lVLEQPEtmqpZVewfxKpQjOmYLx/OpjR6mzqlfqFTyQDEHrogufESN/l2YQnXBmLuhyY+YpBjS/5177WM5R/+I9bA+Cl66ye0DUYbfcMJZ9LuVgz/wQJbrh4uho+wb4R5nUz5NJOact4/WznQ8VHylbuOZDJUNx97Vazu2P5SDMi5bNAKpetpfZkhe8SdyeYEfUVdlZ2ZgBwx5UVjoL7zWB7/ZllI3GNiW425vDVrBkJZeNaR/iUFnns4g+93wd89qpqC+Jtjh4uCvxkW1YMBDNhfvD9DU/Wc0VwBoff+FKz5JDwPrTNrC/Rglm5/zyIkVMF65kICmyHzRPeO5w+2Ow4dE7qumgpmwsIk2JXQw4E43H9n65Y75am8x2HfC2HKgWLEG+1I4BU1L2nBRs5GgrcLZM1t+9vd9vy+jx3j0abbhuypu0TSNnkWPbJBpWtV/w6VS6gsDR1XvQU6Vapa4qkJvrVaRTEMFvAsB2drcewQ/Q5BNj0JOSjA1NtljdFFwY/Srgzlwp1QNaVTx1inNU77dV12gU4qjSoI1XHictn5dla71l5KfnBdIjXl1U2oNcMKTh9SgfaPazthoHaXjswuBQ/8/ZX4ymdHVFHU+tmimoo4Ul4JBmdBFt5khDVBJtbS1junvt0REtO/tx6RLaSjIg+kKZ0oclktCibx//fP0HzCIIlCwnPFLn2+LHJsa8nBYSnnAAnwAlwApwAJ8AJcAKcACfACXACnAAnwAlwApwAJ8AJcAKcACfACXACnAAnwAlwApwAJ8AJcAKcACfACXACk4DA/wDoepVZ2hARhAAAAABJRU5ErkJggg=="
},
"success": true
}
```
# Raw
## Get raw email content
`client.EmailSecurity.Investigate.Raw.Get(ctx, postfixID, query) (*InvestigateRawGetResponse, error)`
**get** `/accounts/{account_id}/email-security/investigate/{postfix_id}/raw`
Returns the raw eml of any non-benign message.
### Parameters
- `postfixID string`
The identifier of the message.
- `query InvestigateRawGetParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type InvestigateRawGetResponse struct{…}`
- `Raw string`
A UTF-8 encoded eml file of the email.
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
raw, err := client.EmailSecurity.Investigate.Raw.Get(
context.TODO(),
"4Njp3P0STMz2c02Q",
email_security.InvestigateRawGetParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", raw.Raw)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"raw": "MIME-Version: 1.0\nContent-Type: text/plain; charset=\"utf-8\"\n\nFrom: sender@example.com\nTo: recipient@example.com\nSubject: Test Email\n\nThis is a test email."
},
"success": true
}
```
# Trace
## Get email trace
`client.EmailSecurity.Investigate.Trace.Get(ctx, postfixID, query) (*InvestigateTraceGetResponse, error)`
**get** `/accounts/{account_id}/email-security/investigate/{postfix_id}/trace`
Gets the delivery trace for an email message, showing its path through email
security processing.
### Parameters
- `postfixID string`
The identifier of the message.
- `query InvestigateTraceGetParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type InvestigateTraceGetResponse struct{…}`
- `Inbound InvestigateTraceGetResponseInbound`
- `Lines []InvestigateTraceGetResponseInboundLine`
- `Lineno int64`
- `Message string`
- `Ts Time`
- `Pending bool`
- `Outbound InvestigateTraceGetResponseOutbound`
- `Lines []InvestigateTraceGetResponseOutboundLine`
- `Lineno int64`
- `Message string`
- `Ts Time`
- `Pending bool`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
trace, err := client.EmailSecurity.Investigate.Trace.Get(
context.TODO(),
"4Njp3P0STMz2c02Q",
email_security.InvestigateTraceGetParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", trace.Inbound)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"inbound": {
"lines": [
{
"lineno": 0,
"message": "message",
"ts": "2019-12-27T18:11:19.117Z"
}
],
"pending": true
},
"outbound": {
"lines": [
{
"lineno": 0,
"message": "message",
"ts": "2019-12-27T18:11:19.117Z"
}
],
"pending": true
}
},
"success": true
}
```
# Move
## Move a message
`client.EmailSecurity.Investigate.Move.New(ctx, postfixID, params) (*SinglePage[InvestigateMoveNewResponse], error)`
**post** `/accounts/{account_id}/email-security/investigate/{postfix_id}/move`
Moves a single email message to a different folder or changes its quarantine status.
### Parameters
- `postfixID string`
The identifier of the message.
- `params InvestigateMoveNewParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `Destination param.Field[InvestigateMoveNewParamsDestination]`
Body param
- `const InvestigateMoveNewParamsDestinationInbox InvestigateMoveNewParamsDestination = "Inbox"`
- `const InvestigateMoveNewParamsDestinationJunkEmail InvestigateMoveNewParamsDestination = "JunkEmail"`
- `const InvestigateMoveNewParamsDestinationDeletedItems InvestigateMoveNewParamsDestination = "DeletedItems"`
- `const InvestigateMoveNewParamsDestinationRecoverableItemsDeletions InvestigateMoveNewParamsDestination = "RecoverableItemsDeletions"`
- `const InvestigateMoveNewParamsDestinationRecoverableItemsPurges InvestigateMoveNewParamsDestination = "RecoverableItemsPurges"`
### Returns
- `type InvestigateMoveNewResponse struct{…}`
- `CompletedTimestamp Time`
Deprecated, use `completed_at` instead
- `ItemCount int64`
- `Success bool`
- `CompletedAt Time`
- `Destination string`
- `MessageID string`
- `Operation string`
- `Recipient string`
- `Status string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
page, err := client.EmailSecurity.Investigate.Move.New(
context.TODO(),
"4Njp3P0STMz2c02Q",
email_security.InvestigateMoveNewParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
Destination: cloudflare.F(email_security.InvestigateMoveNewParamsDestinationInbox),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", page)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": [
{
"completed_timestamp": "2019-12-27T18:11:19.117Z",
"item_count": 0,
"success": true,
"completed_at": "2019-12-27T18:11:19.117Z",
"destination": "destination",
"message_id": "message_id",
"operation": "operation",
"recipient": "recipient",
"status": "status"
}
],
"success": true
}
```
## Move multiple messages
`client.EmailSecurity.Investigate.Move.Bulk(ctx, params) (*SinglePage[InvestigateMoveBulkResponse], error)`
**post** `/accounts/{account_id}/email-security/investigate/move`
Maximum batch size: 1000 messages per request
### Parameters
- `params InvestigateMoveBulkParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `Destination param.Field[InvestigateMoveBulkParamsDestination]`
Body param
- `const InvestigateMoveBulkParamsDestinationInbox InvestigateMoveBulkParamsDestination = "Inbox"`
- `const InvestigateMoveBulkParamsDestinationJunkEmail InvestigateMoveBulkParamsDestination = "JunkEmail"`
- `const InvestigateMoveBulkParamsDestinationDeletedItems InvestigateMoveBulkParamsDestination = "DeletedItems"`
- `const InvestigateMoveBulkParamsDestinationRecoverableItemsDeletions InvestigateMoveBulkParamsDestination = "RecoverableItemsDeletions"`
- `const InvestigateMoveBulkParamsDestinationRecoverableItemsPurges InvestigateMoveBulkParamsDestination = "RecoverableItemsPurges"`
- `IDs param.Field[[]string]`
Body param: List of message IDs to move.
- `PostfixIDs param.Field[[]string]`
Body param: Deprecated: Use `ids` instead. List of message IDs to move.
### Returns
- `type InvestigateMoveBulkResponse struct{…}`
- `CompletedTimestamp Time`
Deprecated, use `completed_at` instead
- `ItemCount int64`
- `Success bool`
- `CompletedAt Time`
- `Destination string`
- `MessageID string`
- `Operation string`
- `Recipient string`
- `Status string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
page, err := client.EmailSecurity.Investigate.Move.Bulk(context.TODO(), email_security.InvestigateMoveBulkParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
Destination: cloudflare.F(email_security.InvestigateMoveBulkParamsDestinationInbox),
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", page)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": [
{
"completed_timestamp": "2019-12-27T18:11:19.117Z",
"item_count": 0,
"success": true,
"completed_at": "2019-12-27T18:11:19.117Z",
"destination": "destination",
"message_id": "message_id",
"operation": "operation",
"recipient": "recipient",
"status": "status"
}
],
"success": true
}
```
# Reclassify
## Change email classification
`client.EmailSecurity.Investigate.Reclassify.New(ctx, postfixID, params) (*InvestigateReclassifyNewResponse, error)`
**post** `/accounts/{account_id}/email-security/investigate/{postfix_id}/reclassify`
Submits an email message for reclassification, updating its threat assessment
based on new analysis.
### Parameters
- `postfixID string`
The identifier of the message.
- `params InvestigateReclassifyNewParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `ExpectedDisposition param.Field[InvestigateReclassifyNewParamsExpectedDisposition]`
Body param
- `const InvestigateReclassifyNewParamsExpectedDispositionNone InvestigateReclassifyNewParamsExpectedDisposition = "NONE"`
- `const InvestigateReclassifyNewParamsExpectedDispositionBulk InvestigateReclassifyNewParamsExpectedDisposition = "BULK"`
- `const InvestigateReclassifyNewParamsExpectedDispositionMalicious InvestigateReclassifyNewParamsExpectedDisposition = "MALICIOUS"`
- `const InvestigateReclassifyNewParamsExpectedDispositionSpam InvestigateReclassifyNewParamsExpectedDisposition = "SPAM"`
- `const InvestigateReclassifyNewParamsExpectedDispositionSpoof InvestigateReclassifyNewParamsExpectedDisposition = "SPOOF"`
- `const InvestigateReclassifyNewParamsExpectedDispositionSuspicious InvestigateReclassifyNewParamsExpectedDisposition = "SUSPICIOUS"`
- `EmlContent param.Field[string]`
Body param: Base64 encoded content of the EML file
- `EscalatedSubmissionID param.Field[string]`
Body param
### Returns
- `type InvestigateReclassifyNewResponse interface{…}`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
reclassify, err := client.EmailSecurity.Investigate.Reclassify.New(
context.TODO(),
"4Njp3P0STMz2c02Q",
email_security.InvestigateReclassifyNewParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
ExpectedDisposition: cloudflare.F(email_security.InvestigateReclassifyNewParamsExpectedDispositionNone),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", reclassify)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {},
"success": true
}
```
# Release
## Release messages from quarantine
`client.EmailSecurity.Investigate.Release.Bulk(ctx, params) (*SinglePage[InvestigateReleaseBulkResponse], error)`
**post** `/accounts/{account_id}/email-security/investigate/release`
Releases a quarantined email message, allowing it to be delivered to the recipient.
### Parameters
- `params InvestigateReleaseBulkParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `Body param.Field[[]string]`
Body param: A list of messages identfied by their `postfix_id`s that should be released.
### Returns
- `type InvestigateReleaseBulkResponse struct{…}`
- `ID string`
- `PostfixID string`
The identifier of the message.
- `Delivered []string`
- `Failed []string`
- `Undelivered []string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
page, err := client.EmailSecurity.Investigate.Release.Bulk(context.TODO(), email_security.InvestigateReleaseBulkParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
Body: []string{"4Njp3P0STMz2c02Q"},
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", page)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": [
{
"id": "id",
"postfix_id": "4Njp3P0STMz2c02Q",
"delivered": [
"string"
],
"failed": [
"string"
],
"undelivered": [
"string"
]
}
],
"success": true
}
```
# Phishguard
# Reports
## Get `PhishGuard` reports
`client.EmailSecurity.Phishguard.Reports.List(ctx, params) (*SinglePage[PhishguardReportListResponse], error)`
**get** `/accounts/{account_id}/email-security/phishguard/reports`
Retrieves `PhishGuard` reports showing phishing attempts and suspicious email patterns
detected.
### Parameters
- `params PhishguardReportListParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `End param.Field[Time]`
Query param: The end of the search date range (RFC3339 format).
- `FromDate param.Field[Time]`
Query param
- `Start param.Field[Time]`
Query param: The beginning of the search date range (RFC3339 format).
- `ToDate param.Field[Time]`
Query param
### Returns
- `type PhishguardReportListResponse struct{…}`
- `ID int64`
- `Content string`
- `CreatedAt Time`
- `Disposition PhishguardReportListResponseDisposition`
- `const PhishguardReportListResponseDispositionMalicious PhishguardReportListResponseDisposition = "MALICIOUS"`
- `const PhishguardReportListResponseDispositionMaliciousBec PhishguardReportListResponseDisposition = "MALICIOUS-BEC"`
- `const PhishguardReportListResponseDispositionSuspicious PhishguardReportListResponseDisposition = "SUSPICIOUS"`
- `const PhishguardReportListResponseDispositionSpoof PhishguardReportListResponseDisposition = "SPOOF"`
- `const PhishguardReportListResponseDispositionSpam PhishguardReportListResponseDisposition = "SPAM"`
- `const PhishguardReportListResponseDispositionBulk PhishguardReportListResponseDisposition = "BULK"`
- `const PhishguardReportListResponseDispositionEncrypted PhishguardReportListResponseDisposition = "ENCRYPTED"`
- `const PhishguardReportListResponseDispositionExternal PhishguardReportListResponseDisposition = "EXTERNAL"`
- `const PhishguardReportListResponseDispositionUnknown PhishguardReportListResponseDisposition = "UNKNOWN"`
- `const PhishguardReportListResponseDispositionNone PhishguardReportListResponseDisposition = "NONE"`
- `Fields PhishguardReportListResponseFields`
- `To []string`
- `Ts Time`
- `From string`
- `PostfixID string`
- `Priority string`
- `Title string`
- `Ts Time`
- `UpdatedAt Time`
- `Tags []PhishguardReportListResponseTag`
- `Category string`
- `Value string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
page, err := client.EmailSecurity.Phishguard.Reports.List(context.TODO(), email_security.PhishguardReportListParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", page)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": [
{
"id": 0,
"content": "content",
"created_at": "2019-12-27T18:11:19.117Z",
"disposition": "MALICIOUS",
"fields": {
"to": [
"string"
],
"ts": "2019-12-27T18:11:19.117Z",
"from": "from",
"postfix_id": "postfix_id"
},
"priority": "priority",
"title": "title",
"ts": "2019-12-27T18:11:19.117Z",
"updated_at": "2019-12-27T18:11:19.117Z",
"tags": [
{
"category": "category",
"value": "value"
}
]
}
],
"success": true
}
```
# Settings
# Allow Policies
## List email allow policies
`client.EmailSecurity.Settings.AllowPolicies.List(ctx, params) (*V4PagePaginationArray[SettingAllowPolicyListResponse], error)`
**get** `/accounts/{account_id}/email-security/settings/allow_policies`
Lists, searches, and sorts an account’s email allow policies.
### Parameters
- `params SettingAllowPolicyListParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `Direction param.Field[SettingAllowPolicyListParamsDirection]`
Query param: The sorting direction.
- `const SettingAllowPolicyListParamsDirectionAsc SettingAllowPolicyListParamsDirection = "asc"`
- `const SettingAllowPolicyListParamsDirectionDesc SettingAllowPolicyListParamsDirection = "desc"`
- `IsAcceptableSender param.Field[bool]`
Query param
- `IsExemptRecipient param.Field[bool]`
Query param
- `IsRecipient param.Field[bool]`
Query param
- `IsSender param.Field[bool]`
Query param
- `IsSpoof param.Field[bool]`
Query param
- `IsTrustedSender param.Field[bool]`
Query param
- `Order param.Field[SettingAllowPolicyListParamsOrder]`
Query param: The field to sort by.
- `const SettingAllowPolicyListParamsOrderPattern SettingAllowPolicyListParamsOrder = "pattern"`
- `const SettingAllowPolicyListParamsOrderCreatedAt SettingAllowPolicyListParamsOrder = "created_at"`
- `Page param.Field[int64]`
Query param: The page number of paginated results.
- `Pattern param.Field[string]`
Query param
- `PatternType param.Field[SettingAllowPolicyListParamsPatternType]`
Query param
- `const SettingAllowPolicyListParamsPatternTypeEmail SettingAllowPolicyListParamsPatternType = "EMAIL"`
- `const SettingAllowPolicyListParamsPatternTypeDomain SettingAllowPolicyListParamsPatternType = "DOMAIN"`
- `const SettingAllowPolicyListParamsPatternTypeIP SettingAllowPolicyListParamsPatternType = "IP"`
- `const SettingAllowPolicyListParamsPatternTypeUnknown SettingAllowPolicyListParamsPatternType = "UNKNOWN"`
- `PerPage param.Field[int64]`
Query param: The number of results per page.
- `Search param.Field[string]`
Query param: Allows searching in multiple properties of a record simultaneously.
This parameter is intended for human users, not automation. Its exact
behavior is intentionally left unspecified and is subject to change
in the future.
- `VerifySender param.Field[bool]`
Query param
### Returns
- `type SettingAllowPolicyListResponse struct{…}`
- `ID int64`
The unique identifier for the allow policy.
- `CreatedAt Time`
- `IsAcceptableSender bool`
Messages from this sender will be exempted from Spam, Spoof and Bulk dispositions.
Note: This will not exempt messages with Malicious or Suspicious dispositions.
- `IsExemptRecipient bool`
Messages to this recipient will bypass all detections.
- `IsRegex bool`
- `IsTrustedSender bool`
Messages from this sender will bypass all detections and link following.
- `LastModified Time`
- `Pattern string`
- `PatternType SettingAllowPolicyListResponsePatternType`
- `const SettingAllowPolicyListResponsePatternTypeEmail SettingAllowPolicyListResponsePatternType = "EMAIL"`
- `const SettingAllowPolicyListResponsePatternTypeDomain SettingAllowPolicyListResponsePatternType = "DOMAIN"`
- `const SettingAllowPolicyListResponsePatternTypeIP SettingAllowPolicyListResponsePatternType = "IP"`
- `const SettingAllowPolicyListResponsePatternTypeUnknown SettingAllowPolicyListResponsePatternType = "UNKNOWN"`
- `VerifySender bool`
Enforce DMARC, SPF or DKIM authentication.
When on, Email Security only honors policies that pass authentication.
- `Comments string`
- `IsRecipient bool`
- `IsSender bool`
- `IsSpoof bool`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
page, err := client.EmailSecurity.Settings.AllowPolicies.List(context.TODO(), email_security.SettingAllowPolicyListParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", page)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": [
{
"id": 2401,
"created_at": "2019-12-27T18:11:19.117Z",
"is_acceptable_sender": true,
"is_exempt_recipient": true,
"is_regex": true,
"is_trusted_sender": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"pattern": "x",
"pattern_type": "EMAIL",
"verify_sender": true,
"comments": "comments",
"is_recipient": true,
"is_sender": true,
"is_spoof": true
}
],
"result_info": {
"count": 1,
"page": 1,
"per_page": 20,
"total_count": 2000
},
"success": true
}
```
## Get an email allow policy
`client.EmailSecurity.Settings.AllowPolicies.Get(ctx, policyID, query) (*SettingAllowPolicyGetResponse, error)`
**get** `/accounts/{account_id}/email-security/settings/allow_policies/{policy_id}`
Retrieves details for a specific email allow policy, including its matching criteria
and scope.
### Parameters
- `policyID int64`
The unique identifier for the allow policy.
- `query SettingAllowPolicyGetParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type SettingAllowPolicyGetResponse struct{…}`
- `ID int64`
The unique identifier for the allow policy.
- `CreatedAt Time`
- `IsAcceptableSender bool`
Messages from this sender will be exempted from Spam, Spoof and Bulk dispositions.
Note: This will not exempt messages with Malicious or Suspicious dispositions.
- `IsExemptRecipient bool`
Messages to this recipient will bypass all detections.
- `IsRegex bool`
- `IsTrustedSender bool`
Messages from this sender will bypass all detections and link following.
- `LastModified Time`
- `Pattern string`
- `PatternType SettingAllowPolicyGetResponsePatternType`
- `const SettingAllowPolicyGetResponsePatternTypeEmail SettingAllowPolicyGetResponsePatternType = "EMAIL"`
- `const SettingAllowPolicyGetResponsePatternTypeDomain SettingAllowPolicyGetResponsePatternType = "DOMAIN"`
- `const SettingAllowPolicyGetResponsePatternTypeIP SettingAllowPolicyGetResponsePatternType = "IP"`
- `const SettingAllowPolicyGetResponsePatternTypeUnknown SettingAllowPolicyGetResponsePatternType = "UNKNOWN"`
- `VerifySender bool`
Enforce DMARC, SPF or DKIM authentication.
When on, Email Security only honors policies that pass authentication.
- `Comments string`
- `IsRecipient bool`
- `IsSender bool`
- `IsSpoof bool`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
allowPolicy, err := client.EmailSecurity.Settings.AllowPolicies.Get(
context.TODO(),
int64(2401),
email_security.SettingAllowPolicyGetParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", allowPolicy.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2401,
"created_at": "2019-12-27T18:11:19.117Z",
"is_acceptable_sender": true,
"is_exempt_recipient": true,
"is_regex": true,
"is_trusted_sender": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"pattern": "x",
"pattern_type": "EMAIL",
"verify_sender": true,
"comments": "comments",
"is_recipient": true,
"is_sender": true,
"is_spoof": true
},
"success": true
}
```
## Create an email allow policy
`client.EmailSecurity.Settings.AllowPolicies.New(ctx, params) (*SettingAllowPolicyNewResponse, error)`
**post** `/accounts/{account_id}/email-security/settings/allow_policies`
Creates a new email allow policy that permits specific senders, domains, or patterns
to bypass security scanning.
### Parameters
- `params SettingAllowPolicyNewParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `IsAcceptableSender param.Field[bool]`
Body param: Messages from this sender will be exempted from Spam, Spoof and Bulk dispositions.
Note: This will not exempt messages with Malicious or Suspicious dispositions.
- `IsExemptRecipient param.Field[bool]`
Body param: Messages to this recipient will bypass all detections.
- `IsRegex param.Field[bool]`
Body param
- `IsTrustedSender param.Field[bool]`
Body param: Messages from this sender will bypass all detections and link following.
- `Pattern param.Field[string]`
Body param
- `PatternType param.Field[SettingAllowPolicyNewParamsPatternType]`
Body param
- `const SettingAllowPolicyNewParamsPatternTypeEmail SettingAllowPolicyNewParamsPatternType = "EMAIL"`
- `const SettingAllowPolicyNewParamsPatternTypeDomain SettingAllowPolicyNewParamsPatternType = "DOMAIN"`
- `const SettingAllowPolicyNewParamsPatternTypeIP SettingAllowPolicyNewParamsPatternType = "IP"`
- `const SettingAllowPolicyNewParamsPatternTypeUnknown SettingAllowPolicyNewParamsPatternType = "UNKNOWN"`
- `VerifySender param.Field[bool]`
Body param: Enforce DMARC, SPF or DKIM authentication.
When on, Email Security only honors policies that pass authentication.
- `Comments param.Field[string]`
Body param
- `IsRecipient param.Field[bool]`
Body param
- `IsSender param.Field[bool]`
Body param
- `IsSpoof param.Field[bool]`
Body param
### Returns
- `type SettingAllowPolicyNewResponse struct{…}`
- `ID int64`
The unique identifier for the allow policy.
- `CreatedAt Time`
- `IsAcceptableSender bool`
Messages from this sender will be exempted from Spam, Spoof and Bulk dispositions.
Note: This will not exempt messages with Malicious or Suspicious dispositions.
- `IsExemptRecipient bool`
Messages to this recipient will bypass all detections.
- `IsRegex bool`
- `IsTrustedSender bool`
Messages from this sender will bypass all detections and link following.
- `LastModified Time`
- `Pattern string`
- `PatternType SettingAllowPolicyNewResponsePatternType`
- `const SettingAllowPolicyNewResponsePatternTypeEmail SettingAllowPolicyNewResponsePatternType = "EMAIL"`
- `const SettingAllowPolicyNewResponsePatternTypeDomain SettingAllowPolicyNewResponsePatternType = "DOMAIN"`
- `const SettingAllowPolicyNewResponsePatternTypeIP SettingAllowPolicyNewResponsePatternType = "IP"`
- `const SettingAllowPolicyNewResponsePatternTypeUnknown SettingAllowPolicyNewResponsePatternType = "UNKNOWN"`
- `VerifySender bool`
Enforce DMARC, SPF or DKIM authentication.
When on, Email Security only honors policies that pass authentication.
- `Comments string`
- `IsRecipient bool`
- `IsSender bool`
- `IsSpoof bool`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
allowPolicy, err := client.EmailSecurity.Settings.AllowPolicies.New(context.TODO(), email_security.SettingAllowPolicyNewParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
IsAcceptableSender: cloudflare.F(false),
IsExemptRecipient: cloudflare.F(false),
IsRegex: cloudflare.F(false),
IsTrustedSender: cloudflare.F(true),
Pattern: cloudflare.F("test@example.com"),
PatternType: cloudflare.F(email_security.SettingAllowPolicyNewParamsPatternTypeEmail),
VerifySender: cloudflare.F(true),
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", allowPolicy.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2401,
"created_at": "2019-12-27T18:11:19.117Z",
"is_acceptable_sender": true,
"is_exempt_recipient": true,
"is_regex": true,
"is_trusted_sender": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"pattern": "x",
"pattern_type": "EMAIL",
"verify_sender": true,
"comments": "comments",
"is_recipient": true,
"is_sender": true,
"is_spoof": true
},
"success": true
}
```
## Update an email allow policy
`client.EmailSecurity.Settings.AllowPolicies.Edit(ctx, policyID, params) (*SettingAllowPolicyEditResponse, error)`
**patch** `/accounts/{account_id}/email-security/settings/allow_policies/{policy_id}`
Updates an existing email allow policy, modifying its matching criteria or scope.
### Parameters
- `policyID int64`
The unique identifier for the allow policy.
- `params SettingAllowPolicyEditParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `Comments param.Field[string]`
Body param
- `IsAcceptableSender param.Field[bool]`
Body param: Messages from this sender will be exempted from Spam, Spoof and Bulk dispositions.
Note: This will not exempt messages with Malicious or Suspicious dispositions.
- `IsExemptRecipient param.Field[bool]`
Body param: Messages to this recipient will bypass all detections.
- `IsRegex param.Field[bool]`
Body param
- `IsTrustedSender param.Field[bool]`
Body param: Messages from this sender will bypass all detections and link following.
- `Pattern param.Field[string]`
Body param
- `PatternType param.Field[SettingAllowPolicyEditParamsPatternType]`
Body param
- `const SettingAllowPolicyEditParamsPatternTypeEmail SettingAllowPolicyEditParamsPatternType = "EMAIL"`
- `const SettingAllowPolicyEditParamsPatternTypeDomain SettingAllowPolicyEditParamsPatternType = "DOMAIN"`
- `const SettingAllowPolicyEditParamsPatternTypeIP SettingAllowPolicyEditParamsPatternType = "IP"`
- `const SettingAllowPolicyEditParamsPatternTypeUnknown SettingAllowPolicyEditParamsPatternType = "UNKNOWN"`
- `VerifySender param.Field[bool]`
Body param: Enforce DMARC, SPF or DKIM authentication.
When on, Email Security only honors policies that pass authentication.
### Returns
- `type SettingAllowPolicyEditResponse struct{…}`
- `ID int64`
The unique identifier for the allow policy.
- `CreatedAt Time`
- `IsAcceptableSender bool`
Messages from this sender will be exempted from Spam, Spoof and Bulk dispositions.
Note: This will not exempt messages with Malicious or Suspicious dispositions.
- `IsExemptRecipient bool`
Messages to this recipient will bypass all detections.
- `IsRegex bool`
- `IsTrustedSender bool`
Messages from this sender will bypass all detections and link following.
- `LastModified Time`
- `Pattern string`
- `PatternType SettingAllowPolicyEditResponsePatternType`
- `const SettingAllowPolicyEditResponsePatternTypeEmail SettingAllowPolicyEditResponsePatternType = "EMAIL"`
- `const SettingAllowPolicyEditResponsePatternTypeDomain SettingAllowPolicyEditResponsePatternType = "DOMAIN"`
- `const SettingAllowPolicyEditResponsePatternTypeIP SettingAllowPolicyEditResponsePatternType = "IP"`
- `const SettingAllowPolicyEditResponsePatternTypeUnknown SettingAllowPolicyEditResponsePatternType = "UNKNOWN"`
- `VerifySender bool`
Enforce DMARC, SPF or DKIM authentication.
When on, Email Security only honors policies that pass authentication.
- `Comments string`
- `IsRecipient bool`
- `IsSender bool`
- `IsSpoof bool`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
response, err := client.EmailSecurity.Settings.AllowPolicies.Edit(
context.TODO(),
int64(2401),
email_security.SettingAllowPolicyEditParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", response.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2401,
"created_at": "2019-12-27T18:11:19.117Z",
"is_acceptable_sender": true,
"is_exempt_recipient": true,
"is_regex": true,
"is_trusted_sender": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"pattern": "x",
"pattern_type": "EMAIL",
"verify_sender": true,
"comments": "comments",
"is_recipient": true,
"is_sender": true,
"is_spoof": true
},
"success": true
}
```
## Delete an email allow policy
`client.EmailSecurity.Settings.AllowPolicies.Delete(ctx, policyID, body) (*SettingAllowPolicyDeleteResponse, error)`
**delete** `/accounts/{account_id}/email-security/settings/allow_policies/{policy_id}`
Removes an email allow policy. Previously allowed senders will be subject to normal
security scanning.
### Parameters
- `policyID int64`
The unique identifier for the allow policy.
- `body SettingAllowPolicyDeleteParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type SettingAllowPolicyDeleteResponse struct{…}`
- `ID int64`
The unique identifier for the allow policy.
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
allowPolicy, err := client.EmailSecurity.Settings.AllowPolicies.Delete(
context.TODO(),
int64(2401),
email_security.SettingAllowPolicyDeleteParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", allowPolicy.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2401
},
"success": true
}
```
# Block Senders
## List blocked email senders
`client.EmailSecurity.Settings.BlockSenders.List(ctx, params) (*V4PagePaginationArray[SettingBlockSenderListResponse], error)`
**get** `/accounts/{account_id}/email-security/settings/block_senders`
Lists all blocked sender entries with their patterns and block reasons.
### Parameters
- `params SettingBlockSenderListParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `Direction param.Field[SettingBlockSenderListParamsDirection]`
Query param: The sorting direction.
- `const SettingBlockSenderListParamsDirectionAsc SettingBlockSenderListParamsDirection = "asc"`
- `const SettingBlockSenderListParamsDirectionDesc SettingBlockSenderListParamsDirection = "desc"`
- `Order param.Field[SettingBlockSenderListParamsOrder]`
Query param: The field to sort by.
- `const SettingBlockSenderListParamsOrderPattern SettingBlockSenderListParamsOrder = "pattern"`
- `const SettingBlockSenderListParamsOrderCreatedAt SettingBlockSenderListParamsOrder = "created_at"`
- `Page param.Field[int64]`
Query param: The page number of paginated results.
- `Pattern param.Field[string]`
Query param
- `PatternType param.Field[SettingBlockSenderListParamsPatternType]`
Query param
- `const SettingBlockSenderListParamsPatternTypeEmail SettingBlockSenderListParamsPatternType = "EMAIL"`
- `const SettingBlockSenderListParamsPatternTypeDomain SettingBlockSenderListParamsPatternType = "DOMAIN"`
- `const SettingBlockSenderListParamsPatternTypeIP SettingBlockSenderListParamsPatternType = "IP"`
- `const SettingBlockSenderListParamsPatternTypeUnknown SettingBlockSenderListParamsPatternType = "UNKNOWN"`
- `PerPage param.Field[int64]`
Query param: The number of results per page.
- `Search param.Field[string]`
Query param: Allows searching in multiple properties of a record simultaneously.
This parameter is intended for human users, not automation. Its exact
behavior is intentionally left unspecified and is subject to change
in the future.
### Returns
- `type SettingBlockSenderListResponse struct{…}`
- `ID int64`
The unique identifier for the allow policy.
- `CreatedAt Time`
- `IsRegex bool`
- `LastModified Time`
- `Pattern string`
- `PatternType SettingBlockSenderListResponsePatternType`
- `const SettingBlockSenderListResponsePatternTypeEmail SettingBlockSenderListResponsePatternType = "EMAIL"`
- `const SettingBlockSenderListResponsePatternTypeDomain SettingBlockSenderListResponsePatternType = "DOMAIN"`
- `const SettingBlockSenderListResponsePatternTypeIP SettingBlockSenderListResponsePatternType = "IP"`
- `const SettingBlockSenderListResponsePatternTypeUnknown SettingBlockSenderListResponsePatternType = "UNKNOWN"`
- `Comments string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
page, err := client.EmailSecurity.Settings.BlockSenders.List(context.TODO(), email_security.SettingBlockSenderListParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", page)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": [
{
"id": 2402,
"created_at": "2019-12-27T18:11:19.117Z",
"is_regex": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"pattern": "x",
"pattern_type": "EMAIL",
"comments": "comments"
}
],
"result_info": {
"count": 1,
"page": 1,
"per_page": 20,
"total_count": 2000
},
"success": true
}
```
## Get a blocked email sender
`client.EmailSecurity.Settings.BlockSenders.Get(ctx, patternID, query) (*SettingBlockSenderGetResponse, error)`
**get** `/accounts/{account_id}/email-security/settings/block_senders/{pattern_id}`
Gets information about a specific blocked sender entry, including the pattern and
block reason.
### Parameters
- `patternID int64`
The unique identifier for the allow policy.
- `query SettingBlockSenderGetParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type SettingBlockSenderGetResponse struct{…}`
- `ID int64`
The unique identifier for the allow policy.
- `CreatedAt Time`
- `IsRegex bool`
- `LastModified Time`
- `Pattern string`
- `PatternType SettingBlockSenderGetResponsePatternType`
- `const SettingBlockSenderGetResponsePatternTypeEmail SettingBlockSenderGetResponsePatternType = "EMAIL"`
- `const SettingBlockSenderGetResponsePatternTypeDomain SettingBlockSenderGetResponsePatternType = "DOMAIN"`
- `const SettingBlockSenderGetResponsePatternTypeIP SettingBlockSenderGetResponsePatternType = "IP"`
- `const SettingBlockSenderGetResponsePatternTypeUnknown SettingBlockSenderGetResponsePatternType = "UNKNOWN"`
- `Comments string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
blockSender, err := client.EmailSecurity.Settings.BlockSenders.Get(
context.TODO(),
int64(2402),
email_security.SettingBlockSenderGetParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", blockSender.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2402,
"created_at": "2019-12-27T18:11:19.117Z",
"is_regex": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"pattern": "x",
"pattern_type": "EMAIL",
"comments": "comments"
},
"success": true
}
```
## Create a blocked email sender
`client.EmailSecurity.Settings.BlockSenders.New(ctx, params) (*SettingBlockSenderNewResponse, error)`
**post** `/accounts/{account_id}/email-security/settings/block_senders`
Adds a sender pattern to the email block list, preventing messages from matching
senders from being delivered.
### Parameters
- `params SettingBlockSenderNewParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `IsRegex param.Field[bool]`
Body param
- `Pattern param.Field[string]`
Body param
- `PatternType param.Field[SettingBlockSenderNewParamsPatternType]`
Body param
- `const SettingBlockSenderNewParamsPatternTypeEmail SettingBlockSenderNewParamsPatternType = "EMAIL"`
- `const SettingBlockSenderNewParamsPatternTypeDomain SettingBlockSenderNewParamsPatternType = "DOMAIN"`
- `const SettingBlockSenderNewParamsPatternTypeIP SettingBlockSenderNewParamsPatternType = "IP"`
- `const SettingBlockSenderNewParamsPatternTypeUnknown SettingBlockSenderNewParamsPatternType = "UNKNOWN"`
- `Comments param.Field[string]`
Body param
### Returns
- `type SettingBlockSenderNewResponse struct{…}`
- `ID int64`
The unique identifier for the allow policy.
- `CreatedAt Time`
- `IsRegex bool`
- `LastModified Time`
- `Pattern string`
- `PatternType SettingBlockSenderNewResponsePatternType`
- `const SettingBlockSenderNewResponsePatternTypeEmail SettingBlockSenderNewResponsePatternType = "EMAIL"`
- `const SettingBlockSenderNewResponsePatternTypeDomain SettingBlockSenderNewResponsePatternType = "DOMAIN"`
- `const SettingBlockSenderNewResponsePatternTypeIP SettingBlockSenderNewResponsePatternType = "IP"`
- `const SettingBlockSenderNewResponsePatternTypeUnknown SettingBlockSenderNewResponsePatternType = "UNKNOWN"`
- `Comments string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
blockSender, err := client.EmailSecurity.Settings.BlockSenders.New(context.TODO(), email_security.SettingBlockSenderNewParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
IsRegex: cloudflare.F(false),
Pattern: cloudflare.F("test@example.com"),
PatternType: cloudflare.F(email_security.SettingBlockSenderNewParamsPatternTypeEmail),
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", blockSender.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2402,
"created_at": "2019-12-27T18:11:19.117Z",
"is_regex": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"pattern": "x",
"pattern_type": "EMAIL",
"comments": "comments"
},
"success": true
}
```
## Update a blocked email sender
`client.EmailSecurity.Settings.BlockSenders.Edit(ctx, patternID, params) (*SettingBlockSenderEditResponse, error)`
**patch** `/accounts/{account_id}/email-security/settings/block_senders/{pattern_id}`
Modifies a blocked sender entry, updating its pattern or block reason.
### Parameters
- `patternID int64`
The unique identifier for the allow policy.
- `params SettingBlockSenderEditParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `Comments param.Field[string]`
Body param
- `IsRegex param.Field[bool]`
Body param
- `Pattern param.Field[string]`
Body param
- `PatternType param.Field[SettingBlockSenderEditParamsPatternType]`
Body param
- `const SettingBlockSenderEditParamsPatternTypeEmail SettingBlockSenderEditParamsPatternType = "EMAIL"`
- `const SettingBlockSenderEditParamsPatternTypeDomain SettingBlockSenderEditParamsPatternType = "DOMAIN"`
- `const SettingBlockSenderEditParamsPatternTypeIP SettingBlockSenderEditParamsPatternType = "IP"`
- `const SettingBlockSenderEditParamsPatternTypeUnknown SettingBlockSenderEditParamsPatternType = "UNKNOWN"`
### Returns
- `type SettingBlockSenderEditResponse struct{…}`
- `ID int64`
The unique identifier for the allow policy.
- `CreatedAt Time`
- `IsRegex bool`
- `LastModified Time`
- `Pattern string`
- `PatternType SettingBlockSenderEditResponsePatternType`
- `const SettingBlockSenderEditResponsePatternTypeEmail SettingBlockSenderEditResponsePatternType = "EMAIL"`
- `const SettingBlockSenderEditResponsePatternTypeDomain SettingBlockSenderEditResponsePatternType = "DOMAIN"`
- `const SettingBlockSenderEditResponsePatternTypeIP SettingBlockSenderEditResponsePatternType = "IP"`
- `const SettingBlockSenderEditResponsePatternTypeUnknown SettingBlockSenderEditResponsePatternType = "UNKNOWN"`
- `Comments string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
response, err := client.EmailSecurity.Settings.BlockSenders.Edit(
context.TODO(),
int64(2402),
email_security.SettingBlockSenderEditParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", response.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2402,
"created_at": "2019-12-27T18:11:19.117Z",
"is_regex": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"pattern": "x",
"pattern_type": "EMAIL",
"comments": "comments"
},
"success": true
}
```
## Delete a blocked email sender
`client.EmailSecurity.Settings.BlockSenders.Delete(ctx, patternID, body) (*SettingBlockSenderDeleteResponse, error)`
**delete** `/accounts/{account_id}/email-security/settings/block_senders/{pattern_id}`
Removes a sender from the email block list, allowing their messages to be delivered
normally.
### Parameters
- `patternID int64`
The unique identifier for the allow policy.
- `body SettingBlockSenderDeleteParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type SettingBlockSenderDeleteResponse struct{…}`
- `ID int64`
The unique identifier for the allow policy.
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
blockSender, err := client.EmailSecurity.Settings.BlockSenders.Delete(
context.TODO(),
int64(2402),
email_security.SettingBlockSenderDeleteParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", blockSender.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2402
},
"success": true
}
```
# Domains
## List protected email domains
`client.EmailSecurity.Settings.Domains.List(ctx, params) (*V4PagePaginationArray[SettingDomainListResponse], error)`
**get** `/accounts/{account_id}/email-security/settings/domains`
Lists, searches, and sorts an account’s email domains.
### Parameters
- `params SettingDomainListParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `ActiveDeliveryMode param.Field[SettingDomainListParamsActiveDeliveryMode]`
Query param: Filters response to domains with the currently active delivery mode.
- `const SettingDomainListParamsActiveDeliveryModeDirect SettingDomainListParamsActiveDeliveryMode = "DIRECT"`
- `const SettingDomainListParamsActiveDeliveryModeBcc SettingDomainListParamsActiveDeliveryMode = "BCC"`
- `const SettingDomainListParamsActiveDeliveryModeJournal SettingDomainListParamsActiveDeliveryMode = "JOURNAL"`
- `const SettingDomainListParamsActiveDeliveryModeAPI SettingDomainListParamsActiveDeliveryMode = "API"`
- `const SettingDomainListParamsActiveDeliveryModeRetroScan SettingDomainListParamsActiveDeliveryMode = "RETRO_SCAN"`
- `AllowedDeliveryMode param.Field[SettingDomainListParamsAllowedDeliveryMode]`
Query param: Filters response to domains with the provided delivery mode.
- `const SettingDomainListParamsAllowedDeliveryModeDirect SettingDomainListParamsAllowedDeliveryMode = "DIRECT"`
- `const SettingDomainListParamsAllowedDeliveryModeBcc SettingDomainListParamsAllowedDeliveryMode = "BCC"`
- `const SettingDomainListParamsAllowedDeliveryModeJournal SettingDomainListParamsAllowedDeliveryMode = "JOURNAL"`
- `const SettingDomainListParamsAllowedDeliveryModeAPI SettingDomainListParamsAllowedDeliveryMode = "API"`
- `const SettingDomainListParamsAllowedDeliveryModeRetroScan SettingDomainListParamsAllowedDeliveryMode = "RETRO_SCAN"`
- `Direction param.Field[SettingDomainListParamsDirection]`
Query param: The sorting direction.
- `const SettingDomainListParamsDirectionAsc SettingDomainListParamsDirection = "asc"`
- `const SettingDomainListParamsDirectionDesc SettingDomainListParamsDirection = "desc"`
- `Domain param.Field[[]string]`
Query param: Filters results by the provided domains, allowing for multiple occurrences.
- `IntegrationID param.Field[string]`
Query param: Filters response to domains with the provided integration ID.
- `Order param.Field[SettingDomainListParamsOrder]`
Query param: The field to sort by.
- `const SettingDomainListParamsOrderDomain SettingDomainListParamsOrder = "domain"`
- `const SettingDomainListParamsOrderCreatedAt SettingDomainListParamsOrder = "created_at"`
- `Page param.Field[int64]`
Query param: The page number of paginated results.
- `PerPage param.Field[int64]`
Query param: The number of results per page.
- `Search param.Field[string]`
Query param: Allows searching in multiple properties of a record simultaneously.
This parameter is intended for human users, not automation. Its exact
behavior is intentionally left unspecified and is subject to change
in the future.
### Returns
- `type SettingDomainListResponse struct{…}`
- `ID int64`
The unique identifier for the domain.
- `AllowedDeliveryModes []SettingDomainListResponseAllowedDeliveryMode`
- `const SettingDomainListResponseAllowedDeliveryModeDirect SettingDomainListResponseAllowedDeliveryMode = "DIRECT"`
- `const SettingDomainListResponseAllowedDeliveryModeBcc SettingDomainListResponseAllowedDeliveryMode = "BCC"`
- `const SettingDomainListResponseAllowedDeliveryModeJournal SettingDomainListResponseAllowedDeliveryMode = "JOURNAL"`
- `const SettingDomainListResponseAllowedDeliveryModeAPI SettingDomainListResponseAllowedDeliveryMode = "API"`
- `const SettingDomainListResponseAllowedDeliveryModeRetroScan SettingDomainListResponseAllowedDeliveryMode = "RETRO_SCAN"`
- `CreatedAt Time`
- `Domain string`
- `DropDispositions []SettingDomainListResponseDropDisposition`
- `const SettingDomainListResponseDropDispositionMalicious SettingDomainListResponseDropDisposition = "MALICIOUS"`
- `const SettingDomainListResponseDropDispositionMaliciousBec SettingDomainListResponseDropDisposition = "MALICIOUS-BEC"`
- `const SettingDomainListResponseDropDispositionSuspicious SettingDomainListResponseDropDisposition = "SUSPICIOUS"`
- `const SettingDomainListResponseDropDispositionSpoof SettingDomainListResponseDropDisposition = "SPOOF"`
- `const SettingDomainListResponseDropDispositionSpam SettingDomainListResponseDropDisposition = "SPAM"`
- `const SettingDomainListResponseDropDispositionBulk SettingDomainListResponseDropDisposition = "BULK"`
- `const SettingDomainListResponseDropDispositionEncrypted SettingDomainListResponseDropDisposition = "ENCRYPTED"`
- `const SettingDomainListResponseDropDispositionExternal SettingDomainListResponseDropDisposition = "EXTERNAL"`
- `const SettingDomainListResponseDropDispositionUnknown SettingDomainListResponseDropDisposition = "UNKNOWN"`
- `const SettingDomainListResponseDropDispositionNone SettingDomainListResponseDropDisposition = "NONE"`
- `IPRestrictions []string`
- `LastModified Time`
- `LookbackHops int64`
- `Regions []SettingDomainListResponseRegion`
- `const SettingDomainListResponseRegionGlobal SettingDomainListResponseRegion = "GLOBAL"`
- `const SettingDomainListResponseRegionAu SettingDomainListResponseRegion = "AU"`
- `const SettingDomainListResponseRegionDe SettingDomainListResponseRegion = "DE"`
- `const SettingDomainListResponseRegionIn SettingDomainListResponseRegion = "IN"`
- `const SettingDomainListResponseRegionUs SettingDomainListResponseRegion = "US"`
- `Transport string`
- `Authorization SettingDomainListResponseAuthorization`
- `Authorized bool`
- `Timestamp Time`
- `StatusMessage string`
- `DMARCStatus SettingDomainListResponseDMARCStatus`
- `const SettingDomainListResponseDMARCStatusNone SettingDomainListResponseDMARCStatus = "none"`
- `const SettingDomainListResponseDMARCStatusGood SettingDomainListResponseDMARCStatus = "good"`
- `const SettingDomainListResponseDMARCStatusInvalid SettingDomainListResponseDMARCStatus = "invalid"`
- `EmailsProcessed SettingDomainListResponseEmailsProcessed`
- `Timestamp Time`
- `TotalEmailsProcessed int64`
- `TotalEmailsProcessedPrevious int64`
- `Folder SettingDomainListResponseFolder`
- `const SettingDomainListResponseFolderAllItems SettingDomainListResponseFolder = "AllItems"`
- `const SettingDomainListResponseFolderInbox SettingDomainListResponseFolder = "Inbox"`
- `InboxProvider SettingDomainListResponseInboxProvider`
- `const SettingDomainListResponseInboxProviderMicrosoft SettingDomainListResponseInboxProvider = "Microsoft"`
- `const SettingDomainListResponseInboxProviderGoogle SettingDomainListResponseInboxProvider = "Google"`
- `IntegrationID string`
- `O365TenantID string`
- `RequireTLSInbound bool`
- `RequireTLSOutbound bool`
- `SPFStatus SettingDomainListResponseSPFStatus`
- `const SettingDomainListResponseSPFStatusNone SettingDomainListResponseSPFStatus = "none"`
- `const SettingDomainListResponseSPFStatusGood SettingDomainListResponseSPFStatus = "good"`
- `const SettingDomainListResponseSPFStatusNeutral SettingDomainListResponseSPFStatus = "neutral"`
- `const SettingDomainListResponseSPFStatusOpen SettingDomainListResponseSPFStatus = "open"`
- `const SettingDomainListResponseSPFStatusInvalid SettingDomainListResponseSPFStatus = "invalid"`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
page, err := client.EmailSecurity.Settings.Domains.List(context.TODO(), email_security.SettingDomainListParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", page)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": [
{
"id": 2400,
"allowed_delivery_modes": [
"API"
],
"created_at": "2023-11-14T22:13:20Z",
"domain": "example.com",
"drop_dispositions": [
"MALICIOUS",
"SPAM"
],
"ip_restrictions": [
"string"
],
"last_modified": "2023-11-14T22:13:20Z",
"lookback_hops": 2,
"regions": [
"GLOBAL"
],
"transport": "example.com",
"authorization": {
"authorized": true,
"timestamp": "2019-12-27T18:11:19.117Z",
"status_message": "status_message"
},
"dmarc_status": "good",
"emails_processed": {
"timestamp": "2019-12-27T18:11:19.117Z",
"total_emails_processed": 0,
"total_emails_processed_previous": 0
},
"folder": "Inbox",
"inbox_provider": "Microsoft",
"integration_id": "a5dbb180-60ea-4578-84bb-d01a5d4e50c3",
"o365_tenant_id": "c3c3239d-8858-47df-9618-0e2d9bdf6aa8",
"require_tls_inbound": false,
"require_tls_outbound": true,
"spf_status": "good"
}
],
"result_info": {
"count": 1,
"page": 1,
"per_page": 20,
"total_count": 2000
},
"success": true
}
```
## Get an email domain
`client.EmailSecurity.Settings.Domains.Get(ctx, domainID, query) (*SettingDomainGetResponse, error)`
**get** `/accounts/{account_id}/email-security/settings/domains/{domain_id}`
Gets configuration details for a specific domain in email security.
### Parameters
- `domainID int64`
The unique identifier for the domain.
- `query SettingDomainGetParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type SettingDomainGetResponse struct{…}`
- `ID int64`
The unique identifier for the domain.
- `AllowedDeliveryModes []SettingDomainGetResponseAllowedDeliveryMode`
- `const SettingDomainGetResponseAllowedDeliveryModeDirect SettingDomainGetResponseAllowedDeliveryMode = "DIRECT"`
- `const SettingDomainGetResponseAllowedDeliveryModeBcc SettingDomainGetResponseAllowedDeliveryMode = "BCC"`
- `const SettingDomainGetResponseAllowedDeliveryModeJournal SettingDomainGetResponseAllowedDeliveryMode = "JOURNAL"`
- `const SettingDomainGetResponseAllowedDeliveryModeAPI SettingDomainGetResponseAllowedDeliveryMode = "API"`
- `const SettingDomainGetResponseAllowedDeliveryModeRetroScan SettingDomainGetResponseAllowedDeliveryMode = "RETRO_SCAN"`
- `CreatedAt Time`
- `Domain string`
- `DropDispositions []SettingDomainGetResponseDropDisposition`
- `const SettingDomainGetResponseDropDispositionMalicious SettingDomainGetResponseDropDisposition = "MALICIOUS"`
- `const SettingDomainGetResponseDropDispositionMaliciousBec SettingDomainGetResponseDropDisposition = "MALICIOUS-BEC"`
- `const SettingDomainGetResponseDropDispositionSuspicious SettingDomainGetResponseDropDisposition = "SUSPICIOUS"`
- `const SettingDomainGetResponseDropDispositionSpoof SettingDomainGetResponseDropDisposition = "SPOOF"`
- `const SettingDomainGetResponseDropDispositionSpam SettingDomainGetResponseDropDisposition = "SPAM"`
- `const SettingDomainGetResponseDropDispositionBulk SettingDomainGetResponseDropDisposition = "BULK"`
- `const SettingDomainGetResponseDropDispositionEncrypted SettingDomainGetResponseDropDisposition = "ENCRYPTED"`
- `const SettingDomainGetResponseDropDispositionExternal SettingDomainGetResponseDropDisposition = "EXTERNAL"`
- `const SettingDomainGetResponseDropDispositionUnknown SettingDomainGetResponseDropDisposition = "UNKNOWN"`
- `const SettingDomainGetResponseDropDispositionNone SettingDomainGetResponseDropDisposition = "NONE"`
- `IPRestrictions []string`
- `LastModified Time`
- `LookbackHops int64`
- `Regions []SettingDomainGetResponseRegion`
- `const SettingDomainGetResponseRegionGlobal SettingDomainGetResponseRegion = "GLOBAL"`
- `const SettingDomainGetResponseRegionAu SettingDomainGetResponseRegion = "AU"`
- `const SettingDomainGetResponseRegionDe SettingDomainGetResponseRegion = "DE"`
- `const SettingDomainGetResponseRegionIn SettingDomainGetResponseRegion = "IN"`
- `const SettingDomainGetResponseRegionUs SettingDomainGetResponseRegion = "US"`
- `Transport string`
- `Authorization SettingDomainGetResponseAuthorization`
- `Authorized bool`
- `Timestamp Time`
- `StatusMessage string`
- `DMARCStatus SettingDomainGetResponseDMARCStatus`
- `const SettingDomainGetResponseDMARCStatusNone SettingDomainGetResponseDMARCStatus = "none"`
- `const SettingDomainGetResponseDMARCStatusGood SettingDomainGetResponseDMARCStatus = "good"`
- `const SettingDomainGetResponseDMARCStatusInvalid SettingDomainGetResponseDMARCStatus = "invalid"`
- `EmailsProcessed SettingDomainGetResponseEmailsProcessed`
- `Timestamp Time`
- `TotalEmailsProcessed int64`
- `TotalEmailsProcessedPrevious int64`
- `Folder SettingDomainGetResponseFolder`
- `const SettingDomainGetResponseFolderAllItems SettingDomainGetResponseFolder = "AllItems"`
- `const SettingDomainGetResponseFolderInbox SettingDomainGetResponseFolder = "Inbox"`
- `InboxProvider SettingDomainGetResponseInboxProvider`
- `const SettingDomainGetResponseInboxProviderMicrosoft SettingDomainGetResponseInboxProvider = "Microsoft"`
- `const SettingDomainGetResponseInboxProviderGoogle SettingDomainGetResponseInboxProvider = "Google"`
- `IntegrationID string`
- `O365TenantID string`
- `RequireTLSInbound bool`
- `RequireTLSOutbound bool`
- `SPFStatus SettingDomainGetResponseSPFStatus`
- `const SettingDomainGetResponseSPFStatusNone SettingDomainGetResponseSPFStatus = "none"`
- `const SettingDomainGetResponseSPFStatusGood SettingDomainGetResponseSPFStatus = "good"`
- `const SettingDomainGetResponseSPFStatusNeutral SettingDomainGetResponseSPFStatus = "neutral"`
- `const SettingDomainGetResponseSPFStatusOpen SettingDomainGetResponseSPFStatus = "open"`
- `const SettingDomainGetResponseSPFStatusInvalid SettingDomainGetResponseSPFStatus = "invalid"`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
domain, err := client.EmailSecurity.Settings.Domains.Get(
context.TODO(),
int64(2400),
email_security.SettingDomainGetParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", domain.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2400,
"allowed_delivery_modes": [
"API"
],
"created_at": "2023-11-14T22:13:20Z",
"domain": "example.com",
"drop_dispositions": [
"MALICIOUS",
"SPAM"
],
"ip_restrictions": [
"string"
],
"last_modified": "2023-11-14T22:13:20Z",
"lookback_hops": 2,
"regions": [
"GLOBAL"
],
"transport": "example.com",
"authorization": {
"authorized": true,
"timestamp": "2019-12-27T18:11:19.117Z",
"status_message": "status_message"
},
"dmarc_status": "good",
"emails_processed": {
"timestamp": "2019-12-27T18:11:19.117Z",
"total_emails_processed": 0,
"total_emails_processed_previous": 0
},
"folder": "Inbox",
"inbox_provider": "Microsoft",
"integration_id": "a5dbb180-60ea-4578-84bb-d01a5d4e50c3",
"o365_tenant_id": "c3c3239d-8858-47df-9618-0e2d9bdf6aa8",
"require_tls_inbound": false,
"require_tls_outbound": true,
"spf_status": "good"
},
"success": true
}
```
## Update an email domain
`client.EmailSecurity.Settings.Domains.Edit(ctx, domainID, params) (*SettingDomainEditResponse, error)`
**patch** `/accounts/{account_id}/email-security/settings/domains/{domain_id}`
Updates configuration for a domain in email security.
### Parameters
- `domainID int64`
The unique identifier for the domain.
- `params SettingDomainEditParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `IPRestrictions param.Field[[]string]`
Body param
- `AllowedDeliveryModes param.Field[[]SettingDomainEditParamsAllowedDeliveryMode]`
Body param
- `const SettingDomainEditParamsAllowedDeliveryModeDirect SettingDomainEditParamsAllowedDeliveryMode = "DIRECT"`
- `const SettingDomainEditParamsAllowedDeliveryModeBcc SettingDomainEditParamsAllowedDeliveryMode = "BCC"`
- `const SettingDomainEditParamsAllowedDeliveryModeJournal SettingDomainEditParamsAllowedDeliveryMode = "JOURNAL"`
- `const SettingDomainEditParamsAllowedDeliveryModeAPI SettingDomainEditParamsAllowedDeliveryMode = "API"`
- `const SettingDomainEditParamsAllowedDeliveryModeRetroScan SettingDomainEditParamsAllowedDeliveryMode = "RETRO_SCAN"`
- `Domain param.Field[string]`
Body param
- `DropDispositions param.Field[[]SettingDomainEditParamsDropDisposition]`
Body param
- `const SettingDomainEditParamsDropDispositionMalicious SettingDomainEditParamsDropDisposition = "MALICIOUS"`
- `const SettingDomainEditParamsDropDispositionMaliciousBec SettingDomainEditParamsDropDisposition = "MALICIOUS-BEC"`
- `const SettingDomainEditParamsDropDispositionSuspicious SettingDomainEditParamsDropDisposition = "SUSPICIOUS"`
- `const SettingDomainEditParamsDropDispositionSpoof SettingDomainEditParamsDropDisposition = "SPOOF"`
- `const SettingDomainEditParamsDropDispositionSpam SettingDomainEditParamsDropDisposition = "SPAM"`
- `const SettingDomainEditParamsDropDispositionBulk SettingDomainEditParamsDropDisposition = "BULK"`
- `const SettingDomainEditParamsDropDispositionEncrypted SettingDomainEditParamsDropDisposition = "ENCRYPTED"`
- `const SettingDomainEditParamsDropDispositionExternal SettingDomainEditParamsDropDisposition = "EXTERNAL"`
- `const SettingDomainEditParamsDropDispositionUnknown SettingDomainEditParamsDropDisposition = "UNKNOWN"`
- `const SettingDomainEditParamsDropDispositionNone SettingDomainEditParamsDropDisposition = "NONE"`
- `Folder param.Field[SettingDomainEditParamsFolder]`
Body param
- `const SettingDomainEditParamsFolderAllItems SettingDomainEditParamsFolder = "AllItems"`
- `const SettingDomainEditParamsFolderInbox SettingDomainEditParamsFolder = "Inbox"`
- `IntegrationID param.Field[string]`
Body param
- `LookbackHops param.Field[int64]`
Body param
- `Regions param.Field[[]SettingDomainEditParamsRegion]`
Body param
- `const SettingDomainEditParamsRegionGlobal SettingDomainEditParamsRegion = "GLOBAL"`
- `const SettingDomainEditParamsRegionAu SettingDomainEditParamsRegion = "AU"`
- `const SettingDomainEditParamsRegionDe SettingDomainEditParamsRegion = "DE"`
- `const SettingDomainEditParamsRegionIn SettingDomainEditParamsRegion = "IN"`
- `const SettingDomainEditParamsRegionUs SettingDomainEditParamsRegion = "US"`
- `RequireTLSInbound param.Field[bool]`
Body param
- `RequireTLSOutbound param.Field[bool]`
Body param
- `Transport param.Field[string]`
Body param
### Returns
- `type SettingDomainEditResponse struct{…}`
- `ID int64`
The unique identifier for the domain.
- `AllowedDeliveryModes []SettingDomainEditResponseAllowedDeliveryMode`
- `const SettingDomainEditResponseAllowedDeliveryModeDirect SettingDomainEditResponseAllowedDeliveryMode = "DIRECT"`
- `const SettingDomainEditResponseAllowedDeliveryModeBcc SettingDomainEditResponseAllowedDeliveryMode = "BCC"`
- `const SettingDomainEditResponseAllowedDeliveryModeJournal SettingDomainEditResponseAllowedDeliveryMode = "JOURNAL"`
- `const SettingDomainEditResponseAllowedDeliveryModeAPI SettingDomainEditResponseAllowedDeliveryMode = "API"`
- `const SettingDomainEditResponseAllowedDeliveryModeRetroScan SettingDomainEditResponseAllowedDeliveryMode = "RETRO_SCAN"`
- `CreatedAt Time`
- `Domain string`
- `DropDispositions []SettingDomainEditResponseDropDisposition`
- `const SettingDomainEditResponseDropDispositionMalicious SettingDomainEditResponseDropDisposition = "MALICIOUS"`
- `const SettingDomainEditResponseDropDispositionMaliciousBec SettingDomainEditResponseDropDisposition = "MALICIOUS-BEC"`
- `const SettingDomainEditResponseDropDispositionSuspicious SettingDomainEditResponseDropDisposition = "SUSPICIOUS"`
- `const SettingDomainEditResponseDropDispositionSpoof SettingDomainEditResponseDropDisposition = "SPOOF"`
- `const SettingDomainEditResponseDropDispositionSpam SettingDomainEditResponseDropDisposition = "SPAM"`
- `const SettingDomainEditResponseDropDispositionBulk SettingDomainEditResponseDropDisposition = "BULK"`
- `const SettingDomainEditResponseDropDispositionEncrypted SettingDomainEditResponseDropDisposition = "ENCRYPTED"`
- `const SettingDomainEditResponseDropDispositionExternal SettingDomainEditResponseDropDisposition = "EXTERNAL"`
- `const SettingDomainEditResponseDropDispositionUnknown SettingDomainEditResponseDropDisposition = "UNKNOWN"`
- `const SettingDomainEditResponseDropDispositionNone SettingDomainEditResponseDropDisposition = "NONE"`
- `IPRestrictions []string`
- `LastModified Time`
- `LookbackHops int64`
- `Regions []SettingDomainEditResponseRegion`
- `const SettingDomainEditResponseRegionGlobal SettingDomainEditResponseRegion = "GLOBAL"`
- `const SettingDomainEditResponseRegionAu SettingDomainEditResponseRegion = "AU"`
- `const SettingDomainEditResponseRegionDe SettingDomainEditResponseRegion = "DE"`
- `const SettingDomainEditResponseRegionIn SettingDomainEditResponseRegion = "IN"`
- `const SettingDomainEditResponseRegionUs SettingDomainEditResponseRegion = "US"`
- `Transport string`
- `Authorization SettingDomainEditResponseAuthorization`
- `Authorized bool`
- `Timestamp Time`
- `StatusMessage string`
- `DMARCStatus SettingDomainEditResponseDMARCStatus`
- `const SettingDomainEditResponseDMARCStatusNone SettingDomainEditResponseDMARCStatus = "none"`
- `const SettingDomainEditResponseDMARCStatusGood SettingDomainEditResponseDMARCStatus = "good"`
- `const SettingDomainEditResponseDMARCStatusInvalid SettingDomainEditResponseDMARCStatus = "invalid"`
- `EmailsProcessed SettingDomainEditResponseEmailsProcessed`
- `Timestamp Time`
- `TotalEmailsProcessed int64`
- `TotalEmailsProcessedPrevious int64`
- `Folder SettingDomainEditResponseFolder`
- `const SettingDomainEditResponseFolderAllItems SettingDomainEditResponseFolder = "AllItems"`
- `const SettingDomainEditResponseFolderInbox SettingDomainEditResponseFolder = "Inbox"`
- `InboxProvider SettingDomainEditResponseInboxProvider`
- `const SettingDomainEditResponseInboxProviderMicrosoft SettingDomainEditResponseInboxProvider = "Microsoft"`
- `const SettingDomainEditResponseInboxProviderGoogle SettingDomainEditResponseInboxProvider = "Google"`
- `IntegrationID string`
- `O365TenantID string`
- `RequireTLSInbound bool`
- `RequireTLSOutbound bool`
- `SPFStatus SettingDomainEditResponseSPFStatus`
- `const SettingDomainEditResponseSPFStatusNone SettingDomainEditResponseSPFStatus = "none"`
- `const SettingDomainEditResponseSPFStatusGood SettingDomainEditResponseSPFStatus = "good"`
- `const SettingDomainEditResponseSPFStatusNeutral SettingDomainEditResponseSPFStatus = "neutral"`
- `const SettingDomainEditResponseSPFStatusOpen SettingDomainEditResponseSPFStatus = "open"`
- `const SettingDomainEditResponseSPFStatusInvalid SettingDomainEditResponseSPFStatus = "invalid"`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
response, err := client.EmailSecurity.Settings.Domains.Edit(
context.TODO(),
int64(2400),
email_security.SettingDomainEditParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
IPRestrictions: cloudflare.F([]string{"192.0.2.0/24", "2001:db8::/32"}),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", response.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2400,
"allowed_delivery_modes": [
"API"
],
"created_at": "2023-11-14T22:13:20Z",
"domain": "example.com",
"drop_dispositions": [
"MALICIOUS",
"SPAM"
],
"ip_restrictions": [
"string"
],
"last_modified": "2023-11-14T22:13:20Z",
"lookback_hops": 2,
"regions": [
"GLOBAL"
],
"transport": "example.com",
"authorization": {
"authorized": true,
"timestamp": "2019-12-27T18:11:19.117Z",
"status_message": "status_message"
},
"dmarc_status": "good",
"emails_processed": {
"timestamp": "2019-12-27T18:11:19.117Z",
"total_emails_processed": 0,
"total_emails_processed_previous": 0
},
"folder": "Inbox",
"inbox_provider": "Microsoft",
"integration_id": "a5dbb180-60ea-4578-84bb-d01a5d4e50c3",
"o365_tenant_id": "c3c3239d-8858-47df-9618-0e2d9bdf6aa8",
"require_tls_inbound": false,
"require_tls_outbound": true,
"spf_status": "good"
},
"success": true
}
```
## Unprotect an email domain
`client.EmailSecurity.Settings.Domains.Delete(ctx, domainID, body) (*SettingDomainDeleteResponse, error)`
**delete** `/accounts/{account_id}/email-security/settings/domains/{domain_id}`
Unprotect an email domain
### Parameters
- `domainID int64`
The unique identifier for the domain.
- `body SettingDomainDeleteParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type SettingDomainDeleteResponse struct{…}`
- `ID int64`
The unique identifier for the domain.
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
domain, err := client.EmailSecurity.Settings.Domains.Delete(
context.TODO(),
int64(2400),
email_security.SettingDomainDeleteParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", domain.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2400
},
"success": true
}
```
## Unprotect multiple email domains
`client.EmailSecurity.Settings.Domains.BulkDelete(ctx, body) (*SinglePage[SettingDomainBulkDeleteResponse], error)`
**delete** `/accounts/{account_id}/email-security/settings/domains`
Bulk removes multiple domains from email security configuration in a single request.
### Parameters
- `body SettingDomainBulkDeleteParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type SettingDomainBulkDeleteResponse struct{…}`
- `ID int64`
The unique identifier for the domain.
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
page, err := client.EmailSecurity.Settings.Domains.BulkDelete(context.TODO(), email_security.SettingDomainBulkDeleteParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", page)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": [
{
"id": 2400
}
],
"success": true
}
```
# Impersonation Registry
## List entries in impersonation registry
`client.EmailSecurity.Settings.ImpersonationRegistry.List(ctx, params) (*V4PagePaginationArray[SettingImpersonationRegistryListResponse], error)`
**get** `/accounts/{account_id}/email-security/settings/impersonation_registry`
Lists, searches, and sorts entries in the impersonation registry.
### Parameters
- `params SettingImpersonationRegistryListParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `Direction param.Field[SettingImpersonationRegistryListParamsDirection]`
Query param: The sorting direction.
- `const SettingImpersonationRegistryListParamsDirectionAsc SettingImpersonationRegistryListParamsDirection = "asc"`
- `const SettingImpersonationRegistryListParamsDirectionDesc SettingImpersonationRegistryListParamsDirection = "desc"`
- `Order param.Field[SettingImpersonationRegistryListParamsOrder]`
Query param: The field to sort by.
- `const SettingImpersonationRegistryListParamsOrderName SettingImpersonationRegistryListParamsOrder = "name"`
- `const SettingImpersonationRegistryListParamsOrderEmail SettingImpersonationRegistryListParamsOrder = "email"`
- `const SettingImpersonationRegistryListParamsOrderCreatedAt SettingImpersonationRegistryListParamsOrder = "created_at"`
- `Page param.Field[int64]`
Query param: The page number of paginated results.
- `PerPage param.Field[int64]`
Query param: The number of results per page.
- `Provenance param.Field[SettingImpersonationRegistryListParamsProvenance]`
Query param
- `const SettingImpersonationRegistryListParamsProvenanceA1SInternal SettingImpersonationRegistryListParamsProvenance = "A1S_INTERNAL"`
- `const SettingImpersonationRegistryListParamsProvenanceSnoopyCasbOffice365 SettingImpersonationRegistryListParamsProvenance = "SNOOPY-CASB_OFFICE_365"`
- `const SettingImpersonationRegistryListParamsProvenanceSnoopyOffice365 SettingImpersonationRegistryListParamsProvenance = "SNOOPY-OFFICE_365"`
- `const SettingImpersonationRegistryListParamsProvenanceSnoopyGoogleDirectory SettingImpersonationRegistryListParamsProvenance = "SNOOPY-GOOGLE_DIRECTORY"`
- `Search param.Field[string]`
Query param: Allows searching in multiple properties of a record simultaneously.
This parameter is intended for human users, not automation. Its exact
behavior is intentionally left unspecified and is subject to change
in the future.
### Returns
- `type SettingImpersonationRegistryListResponse struct{…}`
- `ID int64`
- `CreatedAt Time`
- `Email string`
- `IsEmailRegex bool`
- `LastModified Time`
- `Name string`
- `Comments string`
- `DirectoryID int64`
- `DirectoryNodeID int64`
- `ExternalDirectoryNodeID string`
- `Provenance string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
page, err := client.EmailSecurity.Settings.ImpersonationRegistry.List(context.TODO(), email_security.SettingImpersonationRegistryListParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", page)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": [
{
"id": 2403,
"created_at": "2019-12-27T18:11:19.117Z",
"email": "email",
"is_email_regex": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"name": "name",
"comments": "comments",
"directory_id": 0,
"directory_node_id": 0,
"external_directory_node_id": "external_directory_node_id",
"provenance": "provenance"
}
],
"result_info": {
"count": 1,
"page": 1,
"per_page": 20,
"total_count": 2000
},
"success": true
}
```
## Get an entry in impersonation registry
`client.EmailSecurity.Settings.ImpersonationRegistry.Get(ctx, displayNameID, query) (*SettingImpersonationRegistryGetResponse, error)`
**get** `/accounts/{account_id}/email-security/settings/impersonation_registry/{display_name_id}`
Retrieves a display name entry used for impersonation protection.
### Parameters
- `displayNameID int64`
- `query SettingImpersonationRegistryGetParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type SettingImpersonationRegistryGetResponse struct{…}`
- `ID int64`
- `CreatedAt Time`
- `Email string`
- `IsEmailRegex bool`
- `LastModified Time`
- `Name string`
- `Comments string`
- `DirectoryID int64`
- `DirectoryNodeID int64`
- `ExternalDirectoryNodeID string`
- `Provenance string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
impersonationRegistry, err := client.EmailSecurity.Settings.ImpersonationRegistry.Get(
context.TODO(),
int64(2403),
email_security.SettingImpersonationRegistryGetParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", impersonationRegistry.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2403,
"created_at": "2019-12-27T18:11:19.117Z",
"email": "email",
"is_email_regex": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"name": "name",
"comments": "comments",
"directory_id": 0,
"directory_node_id": 0,
"external_directory_node_id": "external_directory_node_id",
"provenance": "provenance"
},
"success": true
}
```
## Create an entry in impersonation registry
`client.EmailSecurity.Settings.ImpersonationRegistry.New(ctx, params) (*SettingImpersonationRegistryNewResponse, error)`
**post** `/accounts/{account_id}/email-security/settings/impersonation_registry`
Creates a display name entry for email security impersonation protection.
### Parameters
- `params SettingImpersonationRegistryNewParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `Email param.Field[string]`
Body param
- `IsEmailRegex param.Field[bool]`
Body param
- `Name param.Field[string]`
Body param
### Returns
- `type SettingImpersonationRegistryNewResponse struct{…}`
- `ID int64`
- `CreatedAt Time`
- `Email string`
- `IsEmailRegex bool`
- `LastModified Time`
- `Name string`
- `Comments string`
- `DirectoryID int64`
- `DirectoryNodeID int64`
- `ExternalDirectoryNodeID string`
- `Provenance string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
impersonationRegistry, err := client.EmailSecurity.Settings.ImpersonationRegistry.New(context.TODO(), email_security.SettingImpersonationRegistryNewParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
Email: cloudflare.F("email"),
IsEmailRegex: cloudflare.F(true),
Name: cloudflare.F("name"),
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", impersonationRegistry.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2403,
"created_at": "2019-12-27T18:11:19.117Z",
"email": "email",
"is_email_regex": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"name": "name",
"comments": "comments",
"directory_id": 0,
"directory_node_id": 0,
"external_directory_node_id": "external_directory_node_id",
"provenance": "provenance"
},
"success": true
}
```
## Update an entry in impersonation registry
`client.EmailSecurity.Settings.ImpersonationRegistry.Edit(ctx, displayNameID, params) (*SettingImpersonationRegistryEditResponse, error)`
**patch** `/accounts/{account_id}/email-security/settings/impersonation_registry/{display_name_id}`
Updates a display name entry used for impersonation protection.
### Parameters
- `displayNameID int64`
- `params SettingImpersonationRegistryEditParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `Email param.Field[string]`
Body param
- `IsEmailRegex param.Field[bool]`
Body param
- `Name param.Field[string]`
Body param
### Returns
- `type SettingImpersonationRegistryEditResponse struct{…}`
- `ID int64`
- `CreatedAt Time`
- `Email string`
- `IsEmailRegex bool`
- `LastModified Time`
- `Name string`
- `Comments string`
- `DirectoryID int64`
- `DirectoryNodeID int64`
- `ExternalDirectoryNodeID string`
- `Provenance string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
response, err := client.EmailSecurity.Settings.ImpersonationRegistry.Edit(
context.TODO(),
int64(2403),
email_security.SettingImpersonationRegistryEditParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", response.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2403,
"created_at": "2019-12-27T18:11:19.117Z",
"email": "email",
"is_email_regex": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"name": "name",
"comments": "comments",
"directory_id": 0,
"directory_node_id": 0,
"external_directory_node_id": "external_directory_node_id",
"provenance": "provenance"
},
"success": true
}
```
## Delete an entry from impersonation registry
`client.EmailSecurity.Settings.ImpersonationRegistry.Delete(ctx, displayNameID, body) (*SettingImpersonationRegistryDeleteResponse, error)`
**delete** `/accounts/{account_id}/email-security/settings/impersonation_registry/{display_name_id}`
Removes a display name from impersonation protection monitoring.
### Parameters
- `displayNameID int64`
- `body SettingImpersonationRegistryDeleteParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type SettingImpersonationRegistryDeleteResponse struct{…}`
- `ID int64`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
impersonationRegistry, err := client.EmailSecurity.Settings.ImpersonationRegistry.Delete(
context.TODO(),
int64(2403),
email_security.SettingImpersonationRegistryDeleteParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", impersonationRegistry.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2403
},
"success": true
}
```
# Trusted Domains
## List trusted email domains
`client.EmailSecurity.Settings.TrustedDomains.List(ctx, params) (*V4PagePaginationArray[SettingTrustedDomainListResponse], error)`
**get** `/accounts/{account_id}/email-security/settings/trusted_domains`
Lists, searches, and sorts an account’s trusted email domains.
### Parameters
- `params SettingTrustedDomainListParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `Direction param.Field[SettingTrustedDomainListParamsDirection]`
Query param: The sorting direction.
- `const SettingTrustedDomainListParamsDirectionAsc SettingTrustedDomainListParamsDirection = "asc"`
- `const SettingTrustedDomainListParamsDirectionDesc SettingTrustedDomainListParamsDirection = "desc"`
- `IsRecent param.Field[bool]`
Query param
- `IsSimilarity param.Field[bool]`
Query param
- `Order param.Field[SettingTrustedDomainListParamsOrder]`
Query param: The field to sort by.
- `const SettingTrustedDomainListParamsOrderPattern SettingTrustedDomainListParamsOrder = "pattern"`
- `const SettingTrustedDomainListParamsOrderCreatedAt SettingTrustedDomainListParamsOrder = "created_at"`
- `Page param.Field[int64]`
Query param: The page number of paginated results.
- `Pattern param.Field[string]`
Query param
- `PerPage param.Field[int64]`
Query param: The number of results per page.
- `Search param.Field[string]`
Query param: Allows searching in multiple properties of a record simultaneously.
This parameter is intended for human users, not automation. Its exact
behavior is intentionally left unspecified and is subject to change
in the future.
### Returns
- `type SettingTrustedDomainListResponse struct{…}`
- `ID int64`
The unique identifier for the trusted domain.
- `CreatedAt Time`
- `IsRecent bool`
Select to prevent recently registered domains from triggering a
Suspicious or Malicious disposition.
- `IsRegex bool`
- `IsSimilarity bool`
Select for partner or other approved domains that have similar
spelling to your connected domains. Prevents listed domains from
triggering a Spoof disposition.
- `LastModified Time`
- `Pattern string`
- `Comments string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
page, err := client.EmailSecurity.Settings.TrustedDomains.List(context.TODO(), email_security.SettingTrustedDomainListParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", page)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": [
{
"id": 2401,
"created_at": "2019-12-27T18:11:19.117Z",
"is_recent": true,
"is_regex": true,
"is_similarity": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"pattern": "x",
"comments": "comments"
}
],
"result_info": {
"count": 1,
"page": 1,
"per_page": 20,
"total_count": 2000
},
"success": true
}
```
## Get a trusted email domain
`client.EmailSecurity.Settings.TrustedDomains.Get(ctx, trustedDomainID, query) (*SettingTrustedDomainGetResponse, error)`
**get** `/accounts/{account_id}/email-security/settings/trusted_domains/{trusted_domain_id}`
Gets information about a specific trusted domain entry.
### Parameters
- `trustedDomainID int64`
The unique identifier for the trusted domain.
- `query SettingTrustedDomainGetParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type SettingTrustedDomainGetResponse struct{…}`
- `ID int64`
The unique identifier for the trusted domain.
- `CreatedAt Time`
- `IsRecent bool`
Select to prevent recently registered domains from triggering a
Suspicious or Malicious disposition.
- `IsRegex bool`
- `IsSimilarity bool`
Select for partner or other approved domains that have similar
spelling to your connected domains. Prevents listed domains from
triggering a Spoof disposition.
- `LastModified Time`
- `Pattern string`
- `Comments string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
trustedDomain, err := client.EmailSecurity.Settings.TrustedDomains.Get(
context.TODO(),
int64(2401),
email_security.SettingTrustedDomainGetParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", trustedDomain.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2401,
"created_at": "2019-12-27T18:11:19.117Z",
"is_recent": true,
"is_regex": true,
"is_similarity": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"pattern": "x",
"comments": "comments"
},
"success": true
}
```
## Create a trusted email domain
`client.EmailSecurity.Settings.TrustedDomains.New(ctx, params) (*SettingTrustedDomainNewResponseUnion, error)`
**post** `/accounts/{account_id}/email-security/settings/trusted_domains`
Adds a domain to the trusted domains list for email security, reducing false positive
detections.
### Parameters
- `params SettingTrustedDomainNewParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `IsRecent param.Field[bool]`
Body param: Select to prevent recently registered domains from triggering a
Suspicious or Malicious disposition.
- `IsRegex param.Field[bool]`
Body param
- `IsSimilarity param.Field[bool]`
Body param: Select for partner or other approved domains that have similar
spelling to your connected domains. Prevents listed domains from
triggering a Spoof disposition.
- `Pattern param.Field[string]`
Body param
- `Comments param.Field[string]`
Body param
### Returns
- `type SettingTrustedDomainNewResponseUnion interface{…}`
- `type SettingTrustedDomainNewResponseEmailSecurityTrustedDomain struct{…}`
- `ID int64`
The unique identifier for the trusted domain.
- `CreatedAt Time`
- `IsRecent bool`
Select to prevent recently registered domains from triggering a
Suspicious or Malicious disposition.
- `IsRegex bool`
- `IsSimilarity bool`
Select for partner or other approved domains that have similar
spelling to your connected domains. Prevents listed domains from
triggering a Spoof disposition.
- `LastModified Time`
- `Pattern string`
- `Comments string`
- `type SettingTrustedDomainNewResponseArray []SettingTrustedDomainNewResponseArrayItem`
- `ID int64`
The unique identifier for the trusted domain.
- `CreatedAt Time`
- `IsRecent bool`
Select to prevent recently registered domains from triggering a
Suspicious or Malicious disposition.
- `IsRegex bool`
- `IsSimilarity bool`
Select for partner or other approved domains that have similar
spelling to your connected domains. Prevents listed domains from
triggering a Spoof disposition.
- `LastModified Time`
- `Pattern string`
- `Comments string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
trustedDomain, err := client.EmailSecurity.Settings.TrustedDomains.New(context.TODO(), email_security.SettingTrustedDomainNewParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
Body: email_security.SettingTrustedDomainNewParamsBodyEmailSecurityCreateTrustedDomain{
IsRecent: cloudflare.F(true),
IsRegex: cloudflare.F(false),
IsSimilarity: cloudflare.F(false),
Pattern: cloudflare.F("example.com"),
},
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", trustedDomain)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2401,
"created_at": "2019-12-27T18:11:19.117Z",
"is_recent": true,
"is_regex": true,
"is_similarity": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"pattern": "x",
"comments": "comments"
},
"success": true
}
```
## Update a trusted email domain
`client.EmailSecurity.Settings.TrustedDomains.Edit(ctx, trustedDomainID, params) (*SettingTrustedDomainEditResponse, error)`
**patch** `/accounts/{account_id}/email-security/settings/trusted_domains/{trusted_domain_id}`
Modifies a trusted domain entry's configuration.
### Parameters
- `trustedDomainID int64`
The unique identifier for the trusted domain.
- `params SettingTrustedDomainEditParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `Comments param.Field[string]`
Body param
- `IsRecent param.Field[bool]`
Body param: Select to prevent recently registered domains from triggering a
Suspicious or Malicious disposition.
- `IsRegex param.Field[bool]`
Body param
- `IsSimilarity param.Field[bool]`
Body param: Select for partner or other approved domains that have similar
spelling to your connected domains. Prevents listed domains from
triggering a Spoof disposition.
- `Pattern param.Field[string]`
Body param
### Returns
- `type SettingTrustedDomainEditResponse struct{…}`
- `ID int64`
The unique identifier for the trusted domain.
- `CreatedAt Time`
- `IsRecent bool`
Select to prevent recently registered domains from triggering a
Suspicious or Malicious disposition.
- `IsRegex bool`
- `IsSimilarity bool`
Select for partner or other approved domains that have similar
spelling to your connected domains. Prevents listed domains from
triggering a Spoof disposition.
- `LastModified Time`
- `Pattern string`
- `Comments string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
response, err := client.EmailSecurity.Settings.TrustedDomains.Edit(
context.TODO(),
int64(2401),
email_security.SettingTrustedDomainEditParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", response.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2401,
"created_at": "2019-12-27T18:11:19.117Z",
"is_recent": true,
"is_regex": true,
"is_similarity": true,
"last_modified": "2019-12-27T18:11:19.117Z",
"pattern": "x",
"comments": "comments"
},
"success": true
}
```
## Delete a trusted email domain
`client.EmailSecurity.Settings.TrustedDomains.Delete(ctx, trustedDomainID, body) (*SettingTrustedDomainDeleteResponse, error)`
**delete** `/accounts/{account_id}/email-security/settings/trusted_domains/{trusted_domain_id}`
Removes a domain from the trusted domains list, subjecting it to normal security
scanning.
### Parameters
- `trustedDomainID int64`
The unique identifier for the trusted domain.
- `body SettingTrustedDomainDeleteParams`
- `AccountID param.Field[string]`
Account Identifier
### Returns
- `type SettingTrustedDomainDeleteResponse struct{…}`
- `ID int64`
The unique identifier for the trusted domain.
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
trustedDomain, err := client.EmailSecurity.Settings.TrustedDomains.Delete(
context.TODO(),
int64(2401),
email_security.SettingTrustedDomainDeleteParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", trustedDomain.ID)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": {
"id": 2401
},
"success": true
}
```
# Submissions
## Get reclassify submissions
`client.EmailSecurity.Submissions.List(ctx, params) (*V4PagePaginationArray[SubmissionListResponse], error)`
**get** `/accounts/{account_id}/email-security/submissions`
This endpoint returns information for submissions to made to reclassify emails.
### Parameters
- `params SubmissionListParams`
- `AccountID param.Field[string]`
Path param: Account Identifier
- `CustomerStatus param.Field[SubmissionListParamsCustomerStatus]`
Query param
- `const SubmissionListParamsCustomerStatusEscalated SubmissionListParamsCustomerStatus = "escalated"`
- `const SubmissionListParamsCustomerStatusReviewed SubmissionListParamsCustomerStatus = "reviewed"`
- `const SubmissionListParamsCustomerStatusUnreviewed SubmissionListParamsCustomerStatus = "unreviewed"`
- `End param.Field[Time]`
Query param: The end of the search date range.
Defaults to `now` if not provided.
- `OriginalDisposition param.Field[SubmissionListParamsOriginalDisposition]`
Query param
- `const SubmissionListParamsOriginalDispositionMalicious SubmissionListParamsOriginalDisposition = "MALICIOUS"`
- `const SubmissionListParamsOriginalDispositionSuspicious SubmissionListParamsOriginalDisposition = "SUSPICIOUS"`
- `const SubmissionListParamsOriginalDispositionSpoof SubmissionListParamsOriginalDisposition = "SPOOF"`
- `const SubmissionListParamsOriginalDispositionSpam SubmissionListParamsOriginalDisposition = "SPAM"`
- `const SubmissionListParamsOriginalDispositionBulk SubmissionListParamsOriginalDisposition = "BULK"`
- `const SubmissionListParamsOriginalDispositionNone SubmissionListParamsOriginalDisposition = "NONE"`
- `OutcomeDisposition param.Field[SubmissionListParamsOutcomeDisposition]`
Query param
- `const SubmissionListParamsOutcomeDispositionMalicious SubmissionListParamsOutcomeDisposition = "MALICIOUS"`
- `const SubmissionListParamsOutcomeDispositionSuspicious SubmissionListParamsOutcomeDisposition = "SUSPICIOUS"`
- `const SubmissionListParamsOutcomeDispositionSpoof SubmissionListParamsOutcomeDisposition = "SPOOF"`
- `const SubmissionListParamsOutcomeDispositionSpam SubmissionListParamsOutcomeDisposition = "SPAM"`
- `const SubmissionListParamsOutcomeDispositionBulk SubmissionListParamsOutcomeDisposition = "BULK"`
- `const SubmissionListParamsOutcomeDispositionNone SubmissionListParamsOutcomeDisposition = "NONE"`
- `Page param.Field[int64]`
Query param: The page number of paginated results.
- `PerPage param.Field[int64]`
Query param: The number of results per page.
- `Query param.Field[string]`
Query param
- `RequestedDisposition param.Field[SubmissionListParamsRequestedDisposition]`
Query param
- `const SubmissionListParamsRequestedDispositionMalicious SubmissionListParamsRequestedDisposition = "MALICIOUS"`
- `const SubmissionListParamsRequestedDispositionSuspicious SubmissionListParamsRequestedDisposition = "SUSPICIOUS"`
- `const SubmissionListParamsRequestedDispositionSpoof SubmissionListParamsRequestedDisposition = "SPOOF"`
- `const SubmissionListParamsRequestedDispositionSpam SubmissionListParamsRequestedDisposition = "SPAM"`
- `const SubmissionListParamsRequestedDispositionBulk SubmissionListParamsRequestedDisposition = "BULK"`
- `const SubmissionListParamsRequestedDispositionNone SubmissionListParamsRequestedDisposition = "NONE"`
- `Start param.Field[Time]`
Query param: The beginning of the search date range.
Defaults to `now - 30 days` if not provided.
- `Status param.Field[string]`
Query param
- `SubmissionID param.Field[string]`
Query param
- `Type param.Field[SubmissionListParamsType]`
Query param
- `const SubmissionListParamsTypeTeam SubmissionListParamsType = "TEAM"`
- `const SubmissionListParamsTypeUser SubmissionListParamsType = "USER"`
### Returns
- `type SubmissionListResponse struct{…}`
- `RequestedTs Time`
deprecated as of 2026-04-01, use `requested_at` instead.
- `SubmissionID string`
- `CustomerStatus SubmissionListResponseCustomerStatus`
- `const SubmissionListResponseCustomerStatusEscalated SubmissionListResponseCustomerStatus = "escalated"`
- `const SubmissionListResponseCustomerStatusReviewed SubmissionListResponseCustomerStatus = "reviewed"`
- `const SubmissionListResponseCustomerStatusUnreviewed SubmissionListResponseCustomerStatus = "unreviewed"`
- `EscalatedAs SubmissionListResponseEscalatedAs`
- `const SubmissionListResponseEscalatedAsMalicious SubmissionListResponseEscalatedAs = "MALICIOUS"`
- `const SubmissionListResponseEscalatedAsMaliciousBec SubmissionListResponseEscalatedAs = "MALICIOUS-BEC"`
- `const SubmissionListResponseEscalatedAsSuspicious SubmissionListResponseEscalatedAs = "SUSPICIOUS"`
- `const SubmissionListResponseEscalatedAsSpoof SubmissionListResponseEscalatedAs = "SPOOF"`
- `const SubmissionListResponseEscalatedAsSpam SubmissionListResponseEscalatedAs = "SPAM"`
- `const SubmissionListResponseEscalatedAsBulk SubmissionListResponseEscalatedAs = "BULK"`
- `const SubmissionListResponseEscalatedAsEncrypted SubmissionListResponseEscalatedAs = "ENCRYPTED"`
- `const SubmissionListResponseEscalatedAsExternal SubmissionListResponseEscalatedAs = "EXTERNAL"`
- `const SubmissionListResponseEscalatedAsUnknown SubmissionListResponseEscalatedAs = "UNKNOWN"`
- `const SubmissionListResponseEscalatedAsNone SubmissionListResponseEscalatedAs = "NONE"`
- `EscalatedAt Time`
- `EscalatedBy string`
- `EscalatedSubmissionID string`
- `OriginalDisposition SubmissionListResponseOriginalDisposition`
- `const SubmissionListResponseOriginalDispositionMalicious SubmissionListResponseOriginalDisposition = "MALICIOUS"`
- `const SubmissionListResponseOriginalDispositionMaliciousBec SubmissionListResponseOriginalDisposition = "MALICIOUS-BEC"`
- `const SubmissionListResponseOriginalDispositionSuspicious SubmissionListResponseOriginalDisposition = "SUSPICIOUS"`
- `const SubmissionListResponseOriginalDispositionSpoof SubmissionListResponseOriginalDisposition = "SPOOF"`
- `const SubmissionListResponseOriginalDispositionSpam SubmissionListResponseOriginalDisposition = "SPAM"`
- `const SubmissionListResponseOriginalDispositionBulk SubmissionListResponseOriginalDisposition = "BULK"`
- `const SubmissionListResponseOriginalDispositionEncrypted SubmissionListResponseOriginalDisposition = "ENCRYPTED"`
- `const SubmissionListResponseOriginalDispositionExternal SubmissionListResponseOriginalDisposition = "EXTERNAL"`
- `const SubmissionListResponseOriginalDispositionUnknown SubmissionListResponseOriginalDisposition = "UNKNOWN"`
- `const SubmissionListResponseOriginalDispositionNone SubmissionListResponseOriginalDisposition = "NONE"`
- `OriginalEdfHash string`
- `OriginalPostfixID string`
- `Outcome string`
- `OutcomeDisposition SubmissionListResponseOutcomeDisposition`
- `const SubmissionListResponseOutcomeDispositionMalicious SubmissionListResponseOutcomeDisposition = "MALICIOUS"`
- `const SubmissionListResponseOutcomeDispositionMaliciousBec SubmissionListResponseOutcomeDisposition = "MALICIOUS-BEC"`
- `const SubmissionListResponseOutcomeDispositionSuspicious SubmissionListResponseOutcomeDisposition = "SUSPICIOUS"`
- `const SubmissionListResponseOutcomeDispositionSpoof SubmissionListResponseOutcomeDisposition = "SPOOF"`
- `const SubmissionListResponseOutcomeDispositionSpam SubmissionListResponseOutcomeDisposition = "SPAM"`
- `const SubmissionListResponseOutcomeDispositionBulk SubmissionListResponseOutcomeDisposition = "BULK"`
- `const SubmissionListResponseOutcomeDispositionEncrypted SubmissionListResponseOutcomeDisposition = "ENCRYPTED"`
- `const SubmissionListResponseOutcomeDispositionExternal SubmissionListResponseOutcomeDisposition = "EXTERNAL"`
- `const SubmissionListResponseOutcomeDispositionUnknown SubmissionListResponseOutcomeDisposition = "UNKNOWN"`
- `const SubmissionListResponseOutcomeDispositionNone SubmissionListResponseOutcomeDisposition = "NONE"`
- `RequestedAt Time`
- `RequestedBy string`
- `RequestedDisposition SubmissionListResponseRequestedDisposition`
- `const SubmissionListResponseRequestedDispositionMalicious SubmissionListResponseRequestedDisposition = "MALICIOUS"`
- `const SubmissionListResponseRequestedDispositionMaliciousBec SubmissionListResponseRequestedDisposition = "MALICIOUS-BEC"`
- `const SubmissionListResponseRequestedDispositionSuspicious SubmissionListResponseRequestedDisposition = "SUSPICIOUS"`
- `const SubmissionListResponseRequestedDispositionSpoof SubmissionListResponseRequestedDisposition = "SPOOF"`
- `const SubmissionListResponseRequestedDispositionSpam SubmissionListResponseRequestedDisposition = "SPAM"`
- `const SubmissionListResponseRequestedDispositionBulk SubmissionListResponseRequestedDisposition = "BULK"`
- `const SubmissionListResponseRequestedDispositionEncrypted SubmissionListResponseRequestedDisposition = "ENCRYPTED"`
- `const SubmissionListResponseRequestedDispositionExternal SubmissionListResponseRequestedDisposition = "EXTERNAL"`
- `const SubmissionListResponseRequestedDispositionUnknown SubmissionListResponseRequestedDisposition = "UNKNOWN"`
- `const SubmissionListResponseRequestedDispositionNone SubmissionListResponseRequestedDisposition = "NONE"`
- `Status string`
- `Subject string`
- `Type string`
### Example
```go
package main
import (
"context"
"fmt"
"github.com/cloudflare/cloudflare-go"
"github.com/cloudflare/cloudflare-go/email_security"
"github.com/cloudflare/cloudflare-go/option"
)
func main() {
client := cloudflare.NewClient(
option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
option.WithAPIEmail("user@example.com"),
)
page, err := client.EmailSecurity.Submissions.List(context.TODO(), email_security.SubmissionListParams{
AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
})
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", page)
}
```
#### Response
```json
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"result": [
{
"requested_ts": "2019-12-27T18:11:19.117Z",
"submission_id": "submission_id",
"customer_status": "escalated",
"escalated_as": "MALICIOUS",
"escalated_at": "2019-12-27T18:11:19.117Z",
"escalated_by": "escalated_by",
"escalated_submission_id": "escalated_submission_id",
"original_disposition": "MALICIOUS",
"original_edf_hash": "original_edf_hash",
"original_postfix_id": "original_postfix_id",
"outcome": "outcome",
"outcome_disposition": "MALICIOUS",
"requested_at": "2019-12-27T18:11:19.117Z",
"requested_by": "requested_by",
"requested_disposition": "MALICIOUS",
"status": "status",
"subject": "subject",
"type": "type"
}
],
"result_info": {
"count": 1,
"page": 1,
"per_page": 20,
"total_count": 2000
},
"success": true
}
```