# Reclassify

## Change email classification

`client.emailSecurity.investigate.reclassify.create(stringinvestigateId, ReclassifyCreateParamsparams, RequestOptionsoptions?): ReclassifyCreateResponse`

**post** `/accounts/{account_id}/email-security/investigate/{investigate_id}/reclassify`

Submits a request to reclassify an email's disposition. Use for reporting false positives or false negatives. Optionally provide the raw EML content for reanalysis. The reclassification is processed asynchronously.

### Parameters

- `investigateId: string`

  Unique identifier for a message retrieved from investigation

- `params: ReclassifyCreateParams`

  - `account_id: string`

    Path param: Identifier.

  - `expected_disposition: "NONE" | "BULK" | "MALICIOUS" | 3 more`

    Body param

    - `"NONE"`

    - `"BULK"`

    - `"MALICIOUS"`

    - `"SPAM"`

    - `"SPOOF"`

    - `"SUSPICIOUS"`

  - `eml_content?: string`

    Body param: Base64 encoded content of the EML file.

  - `escalated_submission_id?: string`

    Body param

### Returns

- `ReclassifyCreateResponse = unknown`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const reclassify = await client.emailSecurity.investigate.reclassify.create(
  '4Njp3P0STMz2c02Q-2024-01-05T10:00:00-12345678',
  { account_id: '023e105f4ecef8ad9ca31a8372d0c353', expected_disposition: 'NONE' },
);

console.log(reclassify);
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {},
  "success": true
}
```

## Domain Types

### Reclassify Create Response

- `ReclassifyCreateResponse = unknown`