Skip to content
Cloudflare API
Start here
API Reference
Email Security

Settings

SettingsAllow Policies

List email allow policies
email_security.settings.allow_policies.list(AllowPolicyListParams**kwargs) -> SyncV4PagePaginationArray[AllowPolicyListResponse]
GET/accounts/{account_id}/email-security/settings/allow_policies
Get an email allow policy
email_security.settings.allow_policies.get(intpolicy_id, AllowPolicyGetParams**kwargs) -> AllowPolicyGetResponse
GET/accounts/{account_id}/email-security/settings/allow_policies/{policy_id}
Create an email allow policy
email_security.settings.allow_policies.create(AllowPolicyCreateParams**kwargs) -> AllowPolicyCreateResponse
POST/accounts/{account_id}/email-security/settings/allow_policies
Update an email allow policy
email_security.settings.allow_policies.edit(intpolicy_id, AllowPolicyEditParams**kwargs) -> AllowPolicyEditResponse
PATCH/accounts/{account_id}/email-security/settings/allow_policies/{policy_id}
Delete an email allow policy
email_security.settings.allow_policies.delete(intpolicy_id, AllowPolicyDeleteParams**kwargs) -> AllowPolicyDeleteResponse
DELETE/accounts/{account_id}/email-security/settings/allow_policies/{policy_id}
ModelsExpand Collapse
class AllowPolicyListResponse:
id: int

The unique identifier for the allow policy.

formatint32
created_at: datetime
formatdate-time
is_acceptable_sender: bool

Messages from this sender will be exempted from Spam, Spoof and Bulk dispositions. Note: This will not exempt messages with Malicious or Suspicious dispositions.

is_exempt_recipient: bool

Messages to this recipient will bypass all detections.

is_regex: bool
is_trusted_sender: bool

Messages from this sender will bypass all detections and link following.

last_modified: datetime
formatdate-time
pattern: str
maxLength1024
minLength1
pattern_type: Literal["EMAIL", "DOMAIN", "IP", "UNKNOWN"]
One of the following:
"EMAIL"
"DOMAIN"
"IP"
"UNKNOWN"
verify_sender: bool

Enforce DMARC, SPF or DKIM authentication. When on, Email Security only honors policies that pass authentication.

comments: Optional[str]
maxLength1024
Deprecatedis_recipient: Optional[bool]
Deprecatedis_sender: Optional[bool]
Deprecatedis_spoof: Optional[bool]
class AllowPolicyGetResponse:
id: int

The unique identifier for the allow policy.

formatint32
created_at: datetime
formatdate-time
is_acceptable_sender: bool

Messages from this sender will be exempted from Spam, Spoof and Bulk dispositions. Note: This will not exempt messages with Malicious or Suspicious dispositions.

is_exempt_recipient: bool

Messages to this recipient will bypass all detections.

is_regex: bool
is_trusted_sender: bool

Messages from this sender will bypass all detections and link following.

last_modified: datetime
formatdate-time
pattern: str
maxLength1024
minLength1
pattern_type: Literal["EMAIL", "DOMAIN", "IP", "UNKNOWN"]
One of the following:
"EMAIL"
"DOMAIN"
"IP"
"UNKNOWN"
verify_sender: bool

Enforce DMARC, SPF or DKIM authentication. When on, Email Security only honors policies that pass authentication.

comments: Optional[str]
maxLength1024
Deprecatedis_recipient: Optional[bool]
Deprecatedis_sender: Optional[bool]
Deprecatedis_spoof: Optional[bool]
class AllowPolicyCreateResponse:
id: int

The unique identifier for the allow policy.

formatint32
created_at: datetime
formatdate-time
is_acceptable_sender: bool

Messages from this sender will be exempted from Spam, Spoof and Bulk dispositions. Note: This will not exempt messages with Malicious or Suspicious dispositions.

is_exempt_recipient: bool

Messages to this recipient will bypass all detections.

is_regex: bool
is_trusted_sender: bool

Messages from this sender will bypass all detections and link following.

last_modified: datetime
formatdate-time
pattern: str
maxLength1024
minLength1
pattern_type: Literal["EMAIL", "DOMAIN", "IP", "UNKNOWN"]
One of the following:
"EMAIL"
"DOMAIN"
"IP"
"UNKNOWN"
verify_sender: bool

Enforce DMARC, SPF or DKIM authentication. When on, Email Security only honors policies that pass authentication.

comments: Optional[str]
maxLength1024
Deprecatedis_recipient: Optional[bool]
Deprecatedis_sender: Optional[bool]
Deprecatedis_spoof: Optional[bool]
class AllowPolicyEditResponse:
id: int

The unique identifier for the allow policy.

formatint32
created_at: datetime
formatdate-time
is_acceptable_sender: bool

Messages from this sender will be exempted from Spam, Spoof and Bulk dispositions. Note: This will not exempt messages with Malicious or Suspicious dispositions.

is_exempt_recipient: bool

Messages to this recipient will bypass all detections.

is_regex: bool
is_trusted_sender: bool

Messages from this sender will bypass all detections and link following.

last_modified: datetime
formatdate-time
pattern: str
maxLength1024
minLength1
pattern_type: Literal["EMAIL", "DOMAIN", "IP", "UNKNOWN"]
One of the following:
"EMAIL"
"DOMAIN"
"IP"
"UNKNOWN"
verify_sender: bool

Enforce DMARC, SPF or DKIM authentication. When on, Email Security only honors policies that pass authentication.

comments: Optional[str]
maxLength1024
Deprecatedis_recipient: Optional[bool]
Deprecatedis_sender: Optional[bool]
Deprecatedis_spoof: Optional[bool]
class AllowPolicyDeleteResponse:
id: int

The unique identifier for the allow policy.

formatint32

SettingsBlock Senders

List blocked email senders
email_security.settings.block_senders.list(BlockSenderListParams**kwargs) -> SyncV4PagePaginationArray[BlockSenderListResponse]
GET/accounts/{account_id}/email-security/settings/block_senders
Get a blocked email sender
email_security.settings.block_senders.get(intpattern_id, BlockSenderGetParams**kwargs) -> BlockSenderGetResponse
GET/accounts/{account_id}/email-security/settings/block_senders/{pattern_id}
Create a blocked email sender
email_security.settings.block_senders.create(BlockSenderCreateParams**kwargs) -> BlockSenderCreateResponse
POST/accounts/{account_id}/email-security/settings/block_senders
Update a blocked email sender
email_security.settings.block_senders.edit(intpattern_id, BlockSenderEditParams**kwargs) -> BlockSenderEditResponse
PATCH/accounts/{account_id}/email-security/settings/block_senders/{pattern_id}
Delete a blocked email sender
email_security.settings.block_senders.delete(intpattern_id, BlockSenderDeleteParams**kwargs) -> BlockSenderDeleteResponse
DELETE/accounts/{account_id}/email-security/settings/block_senders/{pattern_id}
ModelsExpand Collapse
class BlockSenderListResponse:
id: int

The unique identifier for the allow policy.

formatint32
created_at: datetime
formatdate-time
is_regex: bool
last_modified: datetime
formatdate-time
pattern: str
maxLength1024
minLength1
pattern_type: Literal["EMAIL", "DOMAIN", "IP", "UNKNOWN"]
One of the following:
"EMAIL"
"DOMAIN"
"IP"
"UNKNOWN"
comments: Optional[str]
maxLength1024
class BlockSenderGetResponse:
id: int

The unique identifier for the allow policy.

formatint32
created_at: datetime
formatdate-time
is_regex: bool
last_modified: datetime
formatdate-time
pattern: str
maxLength1024
minLength1
pattern_type: Literal["EMAIL", "DOMAIN", "IP", "UNKNOWN"]
One of the following:
"EMAIL"
"DOMAIN"
"IP"
"UNKNOWN"
comments: Optional[str]
maxLength1024
class BlockSenderCreateResponse:
id: int

The unique identifier for the allow policy.

formatint32
created_at: datetime
formatdate-time
is_regex: bool
last_modified: datetime
formatdate-time
pattern: str
maxLength1024
minLength1
pattern_type: Literal["EMAIL", "DOMAIN", "IP", "UNKNOWN"]
One of the following:
"EMAIL"
"DOMAIN"
"IP"
"UNKNOWN"
comments: Optional[str]
maxLength1024
class BlockSenderEditResponse:
id: int

The unique identifier for the allow policy.

formatint32
created_at: datetime
formatdate-time
is_regex: bool
last_modified: datetime
formatdate-time
pattern: str
maxLength1024
minLength1
pattern_type: Literal["EMAIL", "DOMAIN", "IP", "UNKNOWN"]
One of the following:
"EMAIL"
"DOMAIN"
"IP"
"UNKNOWN"
comments: Optional[str]
maxLength1024
class BlockSenderDeleteResponse:
id: int

The unique identifier for the allow policy.

formatint32

SettingsDomains

List protected email domains
email_security.settings.domains.list(DomainListParams**kwargs) -> SyncV4PagePaginationArray[DomainListResponse]
GET/accounts/{account_id}/email-security/settings/domains
Get an email domain
email_security.settings.domains.get(intdomain_id, DomainGetParams**kwargs) -> DomainGetResponse
GET/accounts/{account_id}/email-security/settings/domains/{domain_id}
Update an email domain
email_security.settings.domains.edit(intdomain_id, DomainEditParams**kwargs) -> DomainEditResponse
PATCH/accounts/{account_id}/email-security/settings/domains/{domain_id}
Unprotect an email domain
email_security.settings.domains.delete(intdomain_id, DomainDeleteParams**kwargs) -> DomainDeleteResponse
DELETE/accounts/{account_id}/email-security/settings/domains/{domain_id}
Unprotect multiple email domains
email_security.settings.domains.bulk_delete(DomainBulkDeleteParams**kwargs) -> SyncSinglePage[DomainBulkDeleteResponse]
DELETE/accounts/{account_id}/email-security/settings/domains
ModelsExpand Collapse
class DomainListResponse:
id: int

The unique identifier for the domain.

formatint32
allowed_delivery_modes: List[Literal["DIRECT", "BCC", "JOURNAL", 2 more]]
One of the following:
"DIRECT"
"BCC"
"JOURNAL"
"API"
"RETRO_SCAN"
created_at: datetime
formatdate-time
domain: str
drop_dispositions: List[Literal["MALICIOUS", "MALICIOUS-BEC", "SUSPICIOUS", 7 more]]
One of the following:
"MALICIOUS"
"MALICIOUS-BEC"
"SUSPICIOUS"
"SPOOF"
"SPAM"
"BULK"
"ENCRYPTED"
"EXTERNAL"
"UNKNOWN"
"NONE"
ip_restrictions: List[str]
last_modified: datetime
formatdate-time
lookback_hops: int
formatint32
regions: List[Literal["GLOBAL", "AU", "DE", 2 more]]
One of the following:
"GLOBAL"
"AU"
"DE"
"IN"
"US"
transport: str
authorization: Optional[Authorization]
authorized: bool
timestamp: datetime
formatdate-time
status_message: Optional[str]
dmarc_status: Optional[Literal["none", "good", "invalid"]]
One of the following:
"none"
"good"
"invalid"
emails_processed: Optional[EmailsProcessed]
timestamp: datetime
formatdate-time
total_emails_processed: int
formatint32
minimum0
total_emails_processed_previous: int
formatint32
minimum0
folder: Optional[Literal["AllItems", "Inbox"]]
One of the following:
"AllItems"
"Inbox"
inbox_provider: Optional[Literal["Microsoft", "Google"]]
One of the following:
"Microsoft"
"Google"
integration_id: Optional[str]
formatuuid
o365_tenant_id: Optional[str]
require_tls_inbound: Optional[bool]
require_tls_outbound: Optional[bool]
spf_status: Optional[Literal["none", "good", "neutral", 2 more]]
One of the following:
"none"
"good"
"neutral"
"open"
"invalid"
class DomainGetResponse:
id: int

The unique identifier for the domain.

formatint32
allowed_delivery_modes: List[Literal["DIRECT", "BCC", "JOURNAL", 2 more]]
One of the following:
"DIRECT"
"BCC"
"JOURNAL"
"API"
"RETRO_SCAN"
created_at: datetime
formatdate-time
domain: str
drop_dispositions: List[Literal["MALICIOUS", "MALICIOUS-BEC", "SUSPICIOUS", 7 more]]
One of the following:
"MALICIOUS"
"MALICIOUS-BEC"
"SUSPICIOUS"
"SPOOF"
"SPAM"
"BULK"
"ENCRYPTED"
"EXTERNAL"
"UNKNOWN"
"NONE"
ip_restrictions: List[str]
last_modified: datetime
formatdate-time
lookback_hops: int
formatint32
regions: List[Literal["GLOBAL", "AU", "DE", 2 more]]
One of the following:
"GLOBAL"
"AU"
"DE"
"IN"
"US"
transport: str
authorization: Optional[Authorization]
authorized: bool
timestamp: datetime
formatdate-time
status_message: Optional[str]
dmarc_status: Optional[Literal["none", "good", "invalid"]]
One of the following:
"none"
"good"
"invalid"
emails_processed: Optional[EmailsProcessed]
timestamp: datetime
formatdate-time
total_emails_processed: int
formatint32
minimum0
total_emails_processed_previous: int
formatint32
minimum0
folder: Optional[Literal["AllItems", "Inbox"]]
One of the following:
"AllItems"
"Inbox"
inbox_provider: Optional[Literal["Microsoft", "Google"]]
One of the following:
"Microsoft"
"Google"
integration_id: Optional[str]
formatuuid
o365_tenant_id: Optional[str]
require_tls_inbound: Optional[bool]
require_tls_outbound: Optional[bool]
spf_status: Optional[Literal["none", "good", "neutral", 2 more]]
One of the following:
"none"
"good"
"neutral"
"open"
"invalid"
class DomainEditResponse:
id: int

The unique identifier for the domain.

formatint32
allowed_delivery_modes: List[Literal["DIRECT", "BCC", "JOURNAL", 2 more]]
One of the following:
"DIRECT"
"BCC"
"JOURNAL"
"API"
"RETRO_SCAN"
created_at: datetime
formatdate-time
domain: str
drop_dispositions: List[Literal["MALICIOUS", "MALICIOUS-BEC", "SUSPICIOUS", 7 more]]
One of the following:
"MALICIOUS"
"MALICIOUS-BEC"
"SUSPICIOUS"
"SPOOF"
"SPAM"
"BULK"
"ENCRYPTED"
"EXTERNAL"
"UNKNOWN"
"NONE"
ip_restrictions: List[str]
last_modified: datetime
formatdate-time
lookback_hops: int
formatint32
regions: List[Literal["GLOBAL", "AU", "DE", 2 more]]
One of the following:
"GLOBAL"
"AU"
"DE"
"IN"
"US"
transport: str
authorization: Optional[Authorization]
authorized: bool
timestamp: datetime
formatdate-time
status_message: Optional[str]
dmarc_status: Optional[Literal["none", "good", "invalid"]]
One of the following:
"none"
"good"
"invalid"
emails_processed: Optional[EmailsProcessed]
timestamp: datetime
formatdate-time
total_emails_processed: int
formatint32
minimum0
total_emails_processed_previous: int
formatint32
minimum0
folder: Optional[Literal["AllItems", "Inbox"]]
One of the following:
"AllItems"
"Inbox"
inbox_provider: Optional[Literal["Microsoft", "Google"]]
One of the following:
"Microsoft"
"Google"
integration_id: Optional[str]
formatuuid
o365_tenant_id: Optional[str]
require_tls_inbound: Optional[bool]
require_tls_outbound: Optional[bool]
spf_status: Optional[Literal["none", "good", "neutral", 2 more]]
One of the following:
"none"
"good"
"neutral"
"open"
"invalid"
class DomainDeleteResponse:
id: int

The unique identifier for the domain.

formatint32
class DomainBulkDeleteResponse:
id: int

The unique identifier for the domain.

formatint32

SettingsImpersonation Registry

List entries in impersonation registry
email_security.settings.impersonation_registry.list(ImpersonationRegistryListParams**kwargs) -> SyncV4PagePaginationArray[ImpersonationRegistryListResponse]
GET/accounts/{account_id}/email-security/settings/impersonation_registry
Get an entry in impersonation registry
email_security.settings.impersonation_registry.get(intdisplay_name_id, ImpersonationRegistryGetParams**kwargs) -> ImpersonationRegistryGetResponse
GET/accounts/{account_id}/email-security/settings/impersonation_registry/{display_name_id}
Create an entry in impersonation registry
email_security.settings.impersonation_registry.create(ImpersonationRegistryCreateParams**kwargs) -> ImpersonationRegistryCreateResponse
POST/accounts/{account_id}/email-security/settings/impersonation_registry
Update an entry in impersonation registry
email_security.settings.impersonation_registry.edit(intdisplay_name_id, ImpersonationRegistryEditParams**kwargs) -> ImpersonationRegistryEditResponse
PATCH/accounts/{account_id}/email-security/settings/impersonation_registry/{display_name_id}
Delete an entry from impersonation registry
email_security.settings.impersonation_registry.delete(intdisplay_name_id, ImpersonationRegistryDeleteParams**kwargs) -> ImpersonationRegistryDeleteResponse
DELETE/accounts/{account_id}/email-security/settings/impersonation_registry/{display_name_id}
ModelsExpand Collapse
class ImpersonationRegistryListResponse:
id: int
formatint32
created_at: datetime
formatdate-time
email: str
is_email_regex: bool
last_modified: datetime
formatdate-time
name: str
maxLength1024
comments: Optional[str]
directory_id: Optional[int]
formatint64
directory_node_id: Optional[int]
formatint64
Deprecatedexternal_directory_node_id: Optional[str]
provenance: Optional[str]
class ImpersonationRegistryGetResponse:
id: int
formatint32
created_at: datetime
formatdate-time
email: str
is_email_regex: bool
last_modified: datetime
formatdate-time
name: str
maxLength1024
comments: Optional[str]
directory_id: Optional[int]
formatint64
directory_node_id: Optional[int]
formatint64
Deprecatedexternal_directory_node_id: Optional[str]
provenance: Optional[str]
class ImpersonationRegistryCreateResponse:
id: int
formatint32
created_at: datetime
formatdate-time
email: str
is_email_regex: bool
last_modified: datetime
formatdate-time
name: str
maxLength1024
comments: Optional[str]
directory_id: Optional[int]
formatint64
directory_node_id: Optional[int]
formatint64
Deprecatedexternal_directory_node_id: Optional[str]
provenance: Optional[str]
class ImpersonationRegistryEditResponse:
id: int
formatint32
created_at: datetime
formatdate-time
email: str
is_email_regex: bool
last_modified: datetime
formatdate-time
name: str
maxLength1024
comments: Optional[str]
directory_id: Optional[int]
formatint64
directory_node_id: Optional[int]
formatint64
Deprecatedexternal_directory_node_id: Optional[str]
provenance: Optional[str]
class ImpersonationRegistryDeleteResponse:
id: int
formatint32

SettingsTrusted Domains

List trusted email domains
email_security.settings.trusted_domains.list(TrustedDomainListParams**kwargs) -> SyncV4PagePaginationArray[TrustedDomainListResponse]
GET/accounts/{account_id}/email-security/settings/trusted_domains
Get a trusted email domain
email_security.settings.trusted_domains.get(inttrusted_domain_id, TrustedDomainGetParams**kwargs) -> TrustedDomainGetResponse
GET/accounts/{account_id}/email-security/settings/trusted_domains/{trusted_domain_id}
Create a trusted email domain
email_security.settings.trusted_domains.create(TrustedDomainCreateParams**kwargs) -> TrustedDomainCreateResponse
POST/accounts/{account_id}/email-security/settings/trusted_domains
Update a trusted email domain
email_security.settings.trusted_domains.edit(inttrusted_domain_id, TrustedDomainEditParams**kwargs) -> TrustedDomainEditResponse
PATCH/accounts/{account_id}/email-security/settings/trusted_domains/{trusted_domain_id}
Delete a trusted email domain
email_security.settings.trusted_domains.delete(inttrusted_domain_id, TrustedDomainDeleteParams**kwargs) -> TrustedDomainDeleteResponse
DELETE/accounts/{account_id}/email-security/settings/trusted_domains/{trusted_domain_id}
ModelsExpand Collapse
class TrustedDomainListResponse:
id: int

The unique identifier for the trusted domain.

formatint32
created_at: datetime
formatdate-time
is_recent: bool

Select to prevent recently registered domains from triggering a Suspicious or Malicious disposition.

is_regex: bool
is_similarity: bool

Select for partner or other approved domains that have similar spelling to your connected domains. Prevents listed domains from triggering a Spoof disposition.

last_modified: datetime
formatdate-time
pattern: str
maxLength1024
minLength1
comments: Optional[str]
maxLength1024
class TrustedDomainGetResponse:
id: int

The unique identifier for the trusted domain.

formatint32
created_at: datetime
formatdate-time
is_recent: bool

Select to prevent recently registered domains from triggering a Suspicious or Malicious disposition.

is_regex: bool
is_similarity: bool

Select for partner or other approved domains that have similar spelling to your connected domains. Prevents listed domains from triggering a Spoof disposition.

last_modified: datetime
formatdate-time
pattern: str
maxLength1024
minLength1
comments: Optional[str]
maxLength1024
One of the following:
class EmailSecurityTrustedDomain:
id: int

The unique identifier for the trusted domain.

formatint32
created_at: datetime
formatdate-time
is_recent: bool

Select to prevent recently registered domains from triggering a Suspicious or Malicious disposition.

is_regex: bool
is_similarity: bool

Select for partner or other approved domains that have similar spelling to your connected domains. Prevents listed domains from triggering a Spoof disposition.

last_modified: datetime
formatdate-time
pattern: str
maxLength1024
minLength1
comments: Optional[str]
maxLength1024
List[UnionMember1]
id: int

The unique identifier for the trusted domain.

formatint32
created_at: datetime
formatdate-time
is_recent: bool

Select to prevent recently registered domains from triggering a Suspicious or Malicious disposition.

is_regex: bool
is_similarity: bool

Select for partner or other approved domains that have similar spelling to your connected domains. Prevents listed domains from triggering a Spoof disposition.

last_modified: datetime
formatdate-time
pattern: str
maxLength1024
minLength1
comments: Optional[str]
maxLength1024
class TrustedDomainEditResponse:
id: int

The unique identifier for the trusted domain.

formatint32
created_at: datetime
formatdate-time
is_recent: bool

Select to prevent recently registered domains from triggering a Suspicious or Malicious disposition.

is_regex: bool
is_similarity: bool

Select for partner or other approved domains that have similar spelling to your connected domains. Prevents listed domains from triggering a Spoof disposition.

last_modified: datetime
formatdate-time
pattern: str
maxLength1024
minLength1
comments: Optional[str]
maxLength1024
class TrustedDomainDeleteResponse:
id: int

The unique identifier for the trusted domain.

formatint32