Email Intelligence Check

Run an email intelligence check

To run an Email Intelligence Check, you must create a check with type set to email_intelligence_check.

Learn more about Email Intelligence Checks.

Check request

Example request

curl -X POST https://api.complycube.com/v1/checks \
     -H 'Authorization: <YOUR_API_KEY>' \
     -H 'Content-Type: application/json' \
     -d '{
          "clientId":"CLIENT_ID",
          "type": "email_intelligence_check"
        }'

const check = await complycube.check.create("CLIENT_ID", {
        type: "email_intelligence_check"
});

check = cc_api.check.create(
    'CLIENT_ID',
    'email_intelligence_check'
)

$result = $ccapi->checks()->create(
    'CLIENT_ID',
    [
        'type' => 'email_intelligence_check'
    ]
);

var checkRequest = new CheckRequest {
  clientId = "CLIENT_ID",
  type = "email_intelligence_check"
};

var check = await checkApi.CreateAsync(checkRequest);

Result object

The result object is only returned when the status of the check is complete . It has two components - outcome and breakdown.

Outcome

The outcome attribute represents the overall check result. Returned values include:

1. clear: Indicates every analysis type conducted returned a successful result.

2. attention: Indicates at least one of the analysis results requires attention.

Breakdown

The breakdown comprises the following objects:

riskAnalysis object

The risk analysis results. For each conducted analysis, the returned values include:

1. clear: Indicates the analysis returned a successful result.

2. attention: Indicates the analysis returned a result that requires a review.

It has the following constituents:

• validFormat: Indicates if the email number is properly formatted.

• dataLeakAnalysis: Indicates if this email is associated with a recent database leak from a third party.

• disposableEmailAnalysis: Whether the email is suspected of belonging to a temporary or disposable mail service which are often used for fraud.

• domainValidity: Indicates whether the email domain (e.g., example.com) has valid DMARC, MX, and A records, which help verify its authenticity and email deliverability.

• riskLevel: A value between 0 and 100 that estimates how likely an email address is associated with fraudulent activity. You may use the ranges below as guidance when interpreting results:

  • 0–50: No indicators of fraud detected.

  • 51–75: Suspicious range. Not necessarily fraudulent, but higher scores here suggest a stronger likelihood of risky or harmful activity.

  • 76–100: High-risk number. Strongly associated with fraud or abuse and should not be trusted.

Sample Response

{
    "id": "6231d54079f59b1530fc76e3",
    "entityName": "John Doe",
    "type": "email_intelligence_check",
    "clientId": "6230d4ab58ed4a434afbf2cc",
    "status": "complete",
    "result": {
        "outcome": "clear",
        "breakdown": {
            "validFormat": "clear",
                "riskLevelAnalysis": "clear",
                "dataLeakAnalysis": "clear",
                "disposableEmailAnalysis": "clear",
                "domainValidity": "clear",
                "breakdown": {
                    "riskLevelScore": 30
                }
        }
    },
    "updatedAt": "2025-01-01T12:17:06.046Z",
    "createdAt": "2025-01-01T12:17:04.809Z"
}