API Reference

Email Security

Submissions

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Get reclassify submissions

client.EmailSecurity.Submissions.List(ctx, params) (*V4PagePaginationArray[SubmissionListResponse], error)

GET/accounts/{account_id}/email-security/submissions

Returns information for submissions made to reclassify emails. Shows the status, outcome, and disposition changes for reclassification requests made by users or the security team. Useful for tracking false positive/negative reports.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

ParametersExpand Collapse

params SubmissionListParams

AccountID param.Field[string]

Path param: Identifier.

maxLength32

End param.Field[Time]Optional

Query param: The end of the search date range. Defaults to now.

formatdate-time

EscalatedFromUser param.Field[bool]Optional

Query param: When true, return only submissions that were escalated by an end user (vs. by the security team). When false, return only submissions that were not escalated by an end user. When omitted, no filter is applied.

OriginalDisposition param.Field[SubmissionListParamsOriginalDisposition]Optional

Query param

const SubmissionListParamsOriginalDispositionMalicious SubmissionListParamsOriginalDisposition = "MALICIOUS"

const SubmissionListParamsOriginalDispositionSuspicious SubmissionListParamsOriginalDisposition = "SUSPICIOUS"

const SubmissionListParamsOriginalDispositionSpoof SubmissionListParamsOriginalDisposition = "SPOOF"

const SubmissionListParamsOriginalDispositionSpam SubmissionListParamsOriginalDisposition = "SPAM"

const SubmissionListParamsOriginalDispositionBulk SubmissionListParamsOriginalDisposition = "BULK"

const SubmissionListParamsOriginalDispositionNone SubmissionListParamsOriginalDisposition = "NONE"

OutcomeDisposition param.Field[SubmissionListParamsOutcomeDisposition]Optional

Query param

const SubmissionListParamsOutcomeDispositionMalicious SubmissionListParamsOutcomeDisposition = "MALICIOUS"

const SubmissionListParamsOutcomeDispositionSuspicious SubmissionListParamsOutcomeDisposition = "SUSPICIOUS"

const SubmissionListParamsOutcomeDispositionSpoof SubmissionListParamsOutcomeDisposition = "SPOOF"

const SubmissionListParamsOutcomeDispositionSpam SubmissionListParamsOutcomeDisposition = "SPAM"

const SubmissionListParamsOutcomeDispositionBulk SubmissionListParamsOutcomeDisposition = "BULK"

const SubmissionListParamsOutcomeDispositionNone SubmissionListParamsOutcomeDisposition = "NONE"

Page param.Field[int64]Optional

Query param: Current page within paginated list of results.

minimum1

PerPage param.Field[int64]Optional

Query param: The number of results per page. Maximum value is 1000.

maximum1000

minimum1

Query param.Field[string]Optional

Query param

RequestedDisposition param.Field[SubmissionListParamsRequestedDisposition]Optional

Query param

const SubmissionListParamsRequestedDispositionMalicious SubmissionListParamsRequestedDisposition = "MALICIOUS"

const SubmissionListParamsRequestedDispositionSuspicious SubmissionListParamsRequestedDisposition = "SUSPICIOUS"

const SubmissionListParamsRequestedDispositionSpoof SubmissionListParamsRequestedDisposition = "SPOOF"

const SubmissionListParamsRequestedDispositionSpam SubmissionListParamsRequestedDisposition = "SPAM"

const SubmissionListParamsRequestedDispositionBulk SubmissionListParamsRequestedDisposition = "BULK"

const SubmissionListParamsRequestedDispositionNone SubmissionListParamsRequestedDisposition = "NONE"

Start param.Field[Time]Optional

Query param: The beginning of the search date range. Defaults to now - 30 days.

formatdate-time

Status param.Field[string]Optional

Query param

SubmissionID param.Field[string]Optional

Query param

Type param.Field[SubmissionListParamsType]Optional

Query param

const SubmissionListParamsTypeTeam SubmissionListParamsType = "TEAM"

const SubmissionListParamsTypeUser SubmissionListParamsType = "USER"

ReturnsExpand Collapse

type SubmissionListResponse struct{…}

RequestedAt Time

When the submission was requested (UTC).

formatdate-time

SubmissionID string

CustomerStatus SubmissionListResponseCustomerStatusOptional

One of the following:

const SubmissionListResponseCustomerStatusEscalated SubmissionListResponseCustomerStatus = "escalated"

const SubmissionListResponseCustomerStatusReviewed SubmissionListResponseCustomerStatus = "reviewed"

const SubmissionListResponseCustomerStatusUnreviewed SubmissionListResponseCustomerStatus = "unreviewed"

EscalatedAs SubmissionListResponseEscalatedAsOptional

One of the following:

const SubmissionListResponseEscalatedAsMalicious SubmissionListResponseEscalatedAs = "MALICIOUS"

const SubmissionListResponseEscalatedAsSuspicious SubmissionListResponseEscalatedAs = "SUSPICIOUS"

const SubmissionListResponseEscalatedAsSpoof SubmissionListResponseEscalatedAs = "SPOOF"

const SubmissionListResponseEscalatedAsSpam SubmissionListResponseEscalatedAs = "SPAM"

const SubmissionListResponseEscalatedAsBulk SubmissionListResponseEscalatedAs = "BULK"

const SubmissionListResponseEscalatedAsNone SubmissionListResponseEscalatedAs = "NONE"

EscalatedAt TimeOptional

formatdate-time

EscalatedBy stringOptional

EscalatedSubmissionID stringOptional

OriginalDisposition SubmissionListResponseOriginalDispositionOptional

One of the following:

const SubmissionListResponseOriginalDispositionMalicious SubmissionListResponseOriginalDisposition = "MALICIOUS"

const SubmissionListResponseOriginalDispositionSuspicious SubmissionListResponseOriginalDisposition = "SUSPICIOUS"

const SubmissionListResponseOriginalDispositionSpoof SubmissionListResponseOriginalDisposition = "SPOOF"

const SubmissionListResponseOriginalDispositionSpam SubmissionListResponseOriginalDisposition = "SPAM"

const SubmissionListResponseOriginalDispositionBulk SubmissionListResponseOriginalDisposition = "BULK"

const SubmissionListResponseOriginalDispositionNone SubmissionListResponseOriginalDisposition = "NONE"

OriginalEdfHash stringOptional

OriginalPostfixID stringOptional

The postfix ID of the original message that was submitted

Outcome stringOptional

OutcomeDisposition SubmissionListResponseOutcomeDispositionOptional

One of the following:

const SubmissionListResponseOutcomeDispositionMalicious SubmissionListResponseOutcomeDisposition = "MALICIOUS"

const SubmissionListResponseOutcomeDispositionSuspicious SubmissionListResponseOutcomeDisposition = "SUSPICIOUS"

const SubmissionListResponseOutcomeDispositionSpoof SubmissionListResponseOutcomeDisposition = "SPOOF"

const SubmissionListResponseOutcomeDispositionSpam SubmissionListResponseOutcomeDisposition = "SPAM"

const SubmissionListResponseOutcomeDispositionBulk SubmissionListResponseOutcomeDisposition = "BULK"

const SubmissionListResponseOutcomeDispositionNone SubmissionListResponseOutcomeDisposition = "NONE"

RequestedBy stringOptional

RequestedDisposition SubmissionListResponseRequestedDispositionOptional

One of the following:

const SubmissionListResponseRequestedDispositionMalicious SubmissionListResponseRequestedDisposition = "MALICIOUS"

const SubmissionListResponseRequestedDispositionSuspicious SubmissionListResponseRequestedDisposition = "SUSPICIOUS"

const SubmissionListResponseRequestedDispositionSpoof SubmissionListResponseRequestedDisposition = "SPOOF"

const SubmissionListResponseRequestedDispositionSpam SubmissionListResponseRequestedDisposition = "SPAM"

const SubmissionListResponseRequestedDispositionBulk SubmissionListResponseRequestedDisposition = "BULK"

const SubmissionListResponseRequestedDispositionNone SubmissionListResponseRequestedDisposition = "NONE"

DeprecatedRequestedTs stringOptional

Deprecated, use requested_at instead

Status stringOptional

Subject stringOptional

Type SubmissionListResponseTypeOptional

Whether the submission was created by a team member or an end user.

One of the following:

const SubmissionListResponseTypeTeam SubmissionListResponseType = "Team"

const SubmissionListResponseTypeUser SubmissionListResponseType = "User"

Get reclassify submissions

Go

HTTP

TypeScript

Python

Go

Terraform

package main

import (
  "context"
  "fmt"

  "github.com/cloudflare/cloudflare-go"
  "github.com/cloudflare/cloudflare-go/email_security"
  "github.com/cloudflare/cloudflare-go/option"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  page, err := client.EmailSecurity.Submissions.List(context.TODO(), email_security.SubmissionListParams{
    AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", page)
}

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": [
    {
      "requested_at": "2019-12-27T18:11:19.117Z",
      "submission_id": "submission_id",
      "customer_status": "escalated",
      "escalated_as": "MALICIOUS",
      "escalated_at": "2019-12-27T18:11:19.117Z",
      "escalated_by": "escalated_by",
      "escalated_submission_id": "escalated_submission_id",
      "original_disposition": "MALICIOUS",
      "original_edf_hash": "original_edf_hash",
      "original_postfix_id": "original_postfix_id",
      "outcome": "outcome",
      "outcome_disposition": "MALICIOUS",
      "requested_by": "requested_by",
      "requested_disposition": "MALICIOUS",
      "requested_ts": "requested_ts",
      "status": "status",
      "subject": "subject",
      "type": "Team"
    }
  ],
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000
  }
}

Returns Examples

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": [
    {
      "requested_at": "2019-12-27T18:11:19.117Z",
      "submission_id": "submission_id",
      "customer_status": "escalated",
      "escalated_as": "MALICIOUS",
      "escalated_at": "2019-12-27T18:11:19.117Z",
      "escalated_by": "escalated_by",
      "escalated_submission_id": "escalated_submission_id",
      "original_disposition": "MALICIOUS",
      "original_edf_hash": "original_edf_hash",
      "original_postfix_id": "original_postfix_id",
      "outcome": "outcome",
      "outcome_disposition": "MALICIOUS",
      "requested_by": "requested_by",
      "requested_disposition": "MALICIOUS",
      "requested_ts": "requested_ts",
      "status": "status",
      "subject": "subject",
      "type": "Team"
    }
  ],
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000
  }
}