# Email Intelligence Check

## Run an email intelligence check

To run an Email Intelligence Check, you must [create a check ](/documentation/api-reference/core-resources/checks/create-a-check.md)with `type` set to `email_intelligence_check`.

[Learn more about Email Intelligence Checks](/documentation/product-guides/digital-fraud-intelligence/email-intelligence-check.md).

{% hint style="info" %}
Get in touch with your Account Manager or [contact us](https://www.complycube.com/sales) to enable this service.
{% endhint %}

## Check request

<table><thead><tr><th width="241">Attribute</th><th width="96.4">Type</th><th>Description</th></tr></thead><tbody><tr><td><code>clientId</code></td><td>string</td><td>The ID of the client associated with this check. (<strong>Required</strong>)</td></tr><tr><td><code>type</code></td><td>string</td><td>This must be set to <code>email_intelligence_check</code>. (<strong>Required</strong>)</td></tr></tbody></table>

### Example request

{% tabs %}
{% tab title="cURL" %}

```bash
curl -X POST https://api.complycube.com/v1/checks \
     -H 'Authorization: <YOUR_API_KEY>' \
     -H 'Content-Type: application/json' \
     -d '{
          "clientId":"CLIENT_ID",
          "type": "email_intelligence_check"
        }'
```

{% endtab %}

{% tab title="Node.js" %}

```json
const check = await complycube.check.create("CLIENT_ID", {
        type: "email_intelligence_check"
});
```

{% endtab %}

{% tab title="Python" %}

```python
check = cc_api.check.create(
    'CLIENT_ID',
    'email_intelligence_check'
)
```

{% endtab %}

{% tab title="PHP" %}

```php
$result = $ccapi->checks()->create(
    'CLIENT_ID',
    [
        'type' => 'email_intelligence_check'
    ]
);
```

{% endtab %}

{% tab title=".NET" %}

```csharp
var checkRequest = new CheckRequest {
  clientId = "CLIENT_ID",
  type = "email_intelligence_check"
};

var check = await checkApi.CreateAsync(checkRequest);
```

{% endtab %}
{% endtabs %}

## Result object

The `result` object is only returned when the status of the check is `complete` . It has two components - `outcome` and `breakdown`.

### Outcome

The outcome attribute represents the overall check result. Returned values include:

1. `clear`: Indicates every analysis type conducted returned a successful result.
2. `attention`: Indicates at least one of the analysis results requires attention.

### Breakdown

The breakdown comprises the following objects:

#### `riskAnalysis` object

The risk analysis results. For each conducted analysis, the returned values include:

1. `clear`: Indicates the analysis returned a successful result.
2. `attention`: Indicates the analysis returned a result that requires a review.

It has the following constituents:

* `validFormat`: Indicates if the email number is properly formatted.
* `dataLeakAnalysis`: Indicates if this email is associated with a recent database leak from a third party.
* `disposableEmailAnalysis`: Whether the email is suspected of belonging to a temporary or disposable mail service which are often used for fraud.
* `domainValidity`: Indicates whether the email domain (e.g., `example.com`) has valid **DMARC**, **MX**, and **A** records, which help verify its authenticity and email deliverability.
* `riskLevel`: A value between 0 and 100 that estimates how likely an email address is associated with fraudulent activity. You may use the ranges below as guidance when interpreting results:
  * *0–50*: No indicators of fraud detected.
  * *51–75*: Suspicious range. Not necessarily fraudulent, but higher scores here suggest a stronger likelihood of risky or harmful activity.
  * *76–100*: High-risk number. Strongly associated with fraud or abuse and should not be trusted.

## Sample Response

```json
{
    "id": "6231d54079f59b1530fc76e3",
    "entityName": "John Doe",
    "type": "email_intelligence_check",
    "clientId": "6230d4ab58ed4a434afbf2cc",
    "status": "complete",
    "result": {
        "outcome": "clear",
        "breakdown": {
            "validFormat": "clear",
                "riskLevelAnalysis": "clear",
                "dataLeakAnalysis": "clear",
                "disposableEmailAnalysis": "clear",
                "domainValidity": "clear",
                "breakdown": {
                    "riskLevelScore": 30
                }
        }
    },
    "updatedAt": "2025-01-01T12:17:06.046Z",
    "createdAt": "2025-01-01T12:17:04.809Z"
}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.complycube.com/documentation/api-reference/check-types/email-intelligence-check.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.