post https://api.prod.metamap.com/safety/v1/checks/email/risk
This API provides a behavioral risk assessment based on email address
This API Requires a Webhook URL
Go here for more information on setting up a webhook listener.
Risk assessment is returned as an integer. For example, the email address [email protected] has no associated risks and will have a risk score of 0.
The request body can also include metadata so you can use your own internal references to identify your users and requests. Send metadata for every Webhook. The metadata should have a maximum size of ≦4Kb and be only one level deep.
Field Description
In addition to the email and riskScore fields, this API returns the following:
| Field | Description | Possible Values | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| valid | Does this email address appear valid? | boolean | ||||||||||||
| disposable | Is this email suspected of belonging to a temporary or disposable mail service? Usually associated with fraudsters and scammers. | boolean | ||||||||||||
| timed_out | Did the connection to the mail service provider timeout during the verification? If so, we recommend increasing the "timeout" variable above the default 7 second value. Lookups that timeout with a "valid" result as false are most likely false and should be not be trusted. | boolean | ||||||||||||
| deliverability | How likely is this email to be delivered to the user and land in their mailbox. Values can be "high", "medium", or "low". | string | ||||||||||||
| catch_all | Is this email likely to be a "catch all" where the mail server verifies all emails tested against it as valid? It is difficult to determine if the address is truly valid in these scenarios, since the email's server will not confirm the account's status. | boolean | ||||||||||||
| leaked | Was this email address associated with a recent database leak from a third party? Leaked accounts pose a risk as they may have become compromised during a database breach. | boolean | ||||||||||||
| suspect | This value indicates if the mail server is currently replying with a temporary error and unable to verify the email address. This status will also be true for "catch all" email addresses as defined below. If this value is true, then we suspect the "valid" result may be tainted and there is not a guarantee that the email address is truly valid. | boolean | ||||||||||||
| smtp_score | Validity score of email server's SMTP setup. Range: "-1" - "3". Scores above "-1" can be associated with a valid email.
|
integer | ||||||||||||
| overall_score | Overall email validity score. Range: "0" - "4". Scores above "1" can be associated with a valid email.
|
integer | ||||||||||||
| first_name | Suspected first name based on email. Returns "CORPORATE" if the email is suspected of being a generic company email. Returns "UNKNOWN" if the first name was not determinable. | string | ||||||||||||
| common | Is this email from a common email provider? ("gmail.com", "yahoo.com", "hotmail.com", etc.) | boolean | ||||||||||||
| generic | Is this email suspected as being a catch all or shared email for a domain? ("admin@", "webmaster@", "newsletter@", "sales@", "contact@", etc.) | boolean | ||||||||||||
| dns_valid | Does the email's hostname have valid DNS entries? Partial indication of a valid email. | boolean | ||||||||||||
| honeypot | Is this email believed to be a "honeypot" or "SPAM trap"? Bulk mail sent to these emails increases your risk of being blacklisted by large ISPs & ending up in the spam folder. | boolean | ||||||||||||
| spam_trap_score | Confidence level of the email address being an active SPAM trap. Values can be "high", "medium", "low", or "none". We recommend scrubbing emails with "high" or "medium" statuses. Avoid "low" emails whenever possible for any promotional mailings. | string | ||||||||||||
| recent_abuse | This value will indicate if there has been any recently verified abuse across our network for this email address. Abuse could be a confirmed chargeback, fake signup, compromised device, fake app install, or similar malicious behavior within the past few days. | boolean | ||||||||||||
| fraud_score | The overall Fraud Score of the user based on the email's reputation and recent behavior across the IPQS threat network. Fraud Scores >= 75 are suspicious, but not necessarily fraudulent. | float | ||||||||||||
| frequent_complainer | Indicates if this email frequently unsubscribes from marketing lists or reports email as SPAM. | boolean | ||||||||||||
| suggested_domain | Default value is "N/A". Indicates if this email's domain should in fact be corrected to a popular mail service. This field is useful for catching user typos. For example, an email address with "gmai.com", would display a suggested domain of "gmail.com". This feature supports all major mail service providers. | string | ||||||||||||
| domain_velocity | Indicates the level of legitimate users interacting with the email address domain. Values can be "high", "medium", "low", or "none". Domains like "IBM.com", "Microsoft.com", "Gmail.com", etc. will have "high" scores as this value represents popular domains. New domains or domains that are not frequently visited by legitimate users will have a value as "none". This field is restricted to upgraded plans. | string | ||||||||||||
| user_activity | Frequency at which this email address makes legitimate purchases, account registrations, and engages in legitimate user behavior online. Values can be "high", "medium", "low", or "none". Values of "high" or "medium" are strong signals of healthy usage. New email addresses without a history of legitimate behavior will have a value as "none". This field is restricted to higher plan tiers. | string | ||||||||||||
| associated_names | Displays first and last names linked to the email address, if available in our data sources. Match rates vary by country. This field is restricted to upgraded plans. Object value contains, "status", and "names" as an array. | object | ||||||||||||
| associated_phone_numbers | Displays phone numbers linked to the email address, if available in our data sources. Match rates vary by country. This field is restricted to upgraded plans. Object value contains, "status", and "phone_numbers" as an array. | object | ||||||||||||
| first_seen |
|
object | ||||||||||||
| domain_age |
|
object | ||||||||||||
| sanitized_email | Sanitized email address with all aliases and masking removed, such as multiple periods for Gmail.com. | string | ||||||||||||
| request_id | A unique identifier for this request that can be used to lookup the request details or send a postback conversion notice. | string | ||||||||||||
| success | Was the request successful? | boolean | ||||||||||||
| message | A generic status message, either success or some form of an error notice. | string | ||||||||||||
| errors | Array of errors which occurred while attempting to process this request. | array of strings |