API 2.0 Overview API 2.0 Reference API 1.0 Reference What's New
Alliance Partners
Become a Partner

Message Release Logs

In this guide:

Description

This endpoint can be used to find messages that were either released to the recipient, with details about the user that processed the release. These logs also include messages that expired in the held queue, and were dropped by Mimecast housekeeping services.

Pre-requisites

  • In order to successfully use this endpoint the logged in user must be a Mimecast administrator with at least the Monitoring | Held | Read permission.

URI

To use this endpoint you send a POST request to:

  • /api/gateway/get-held-release-logs

Request Headers

The following request headers must be included in your request:

Field Description
Authorization Please see the Authorization guide for more information on building the Authorization header.
x-mc-req-id

A randomly generated GUID, for example,

8578FCFC-A305-4D9A-99CB-F4D5ECEFE297
x-mc-app-id The Application ID provided with your Registered API Application.
x-mc-date

The current date and time in the following format, for example,

Tue, 24 Nov 2015 12:50:11 UTC

Request Body

{
  "meta": {
    "pagination": {
      "pageSize": 25,
      "pageToken": "String"
    }
  },
  "data": [
    {
      "searchBy": {
        "fieldName": "heldReason",
        "value": "High-Confidence Impersonation Protection"
      },
      "filterBy": [
        {
          "fieldName": "route",
          "value": "inbound"
        }
      ],
      "start": "2015-11-16T14:49:18+00:00",
      "end": "2015-11-25T14:49:18+00:00"
    }
  ]
}
meta
Field Type Required Description
pagination Object Optional An object defining paging options for the request.
Paginiation Object
Field Type Required Description
pageSize Number Optional The number of results to request.
pageToken String Optional The value of the 'next' or 'previous' fields from an earlier request.
Data
Field Type Required Description
searchBy Search Object Optional Field name and value on which to base search.
filterBy Array of Filter Objects Optional Filters that should be applied to the search results.
start Date String Optional The start date of results to return in ISO 8601 format. Default value is one month before the current date.
end Date String Optional The end date of results to return in ISO 8601 format. Default value is the current date.
Search Object
Field Type Required Description
fieldName String Optional The field on which to be filtered. Possible field names are: all, operator, from, to, subject, info or heldReason
value String Optional The value of which the filter will be applied.
Filter Object
Field Type Required Description
fieldName String Optional The field on which to be filtered. Possible values are: route, status or attachments.
value String Optional The value of which the filter will be applied. Possible values for route are: all, internal, outbound, inbound or external. Possible values for status are: released or rejected. Possible values for attachments are: true or false.

Response

{
  "fail": [],
  "meta": {
    "status": 200,
    "pagination": {
      "pageSize": 25,
      "next": "String",
      "previous": "String"
    }
  },
  "data": [
    {
      "heldReleaseLogs": [
        {
          "spamProcessingDetail": {
            "greyEmail": true,
            "permittedSender": {
              "allow": true,
              "info": "allow"
            },
            "managedSender": {
              "allow": true,
              "info": "allow"
            },
            "dkim": {
              "allow": true,
              "info": "allow"
            },
            "spf": {
              "allow": true,
              "info": "allow"
            },
            "rbl": {
              "allow": true,
              "info": "allow"
            },
            "dmarc": {
              "allow": true,
              "info": "allow"
            },
            "spamVerdict": {
              "decision": "spam",
              "description": "",
              "risk": "low",
              "categories": [
                {
                  "name": "spam",
                  "risk": "low",
                  "subcategories": [
                    {
                      "name": "phishing",
                      "risk": "low",
                      "augmentations": [
                        {
                          "name": "body",
                          "risk": "negligible"
                        }
                      ]
                    }
                  ]
                }
              ]
            }
          },
          "attachments": true,
          "messageInfo": "Expired in queue - rejected by housekeeping",
          "subject": "Exclusive Offer - You don't want to miss this!",
          "detectionLevel": "moderate",
          "heldGroup": "IT Staff Global",
          "operator": "admin@domain.tld",
          "fromEnv": {
            "emailAddress": "user@domain.tld",
            "displayableName": "FirstName LastName"
          },
          "rejectReason": "Message contains undesirable content",
          "route": "inbound",
          "size": 5043,
          "heldReason": "High-Confidence Impersonation Protection",
          "spamScore": 12,
          "id": "eNpVj21LhEAUhf_LfN2VnRl1RpclCN...",
          "to": [
            {
              "emailAddress": "user@domain.tld",
              "displayableName": "FirstName LastName"
            }
          ],
          "released": "2015-11-25T14:49:18+00:00",
          "fromHdr": {
            "emailAddress": "user@domain.tld",
            "displayableName": "FirstName LastName"
          },
          "status": "released",
          "policy": "Moderate Spam Detection"
        }
      ]
    }
  ]
}
meta
Field Type Description
status Number The function level status of the request.
pagination Object An object containing paging information.
Pagination Object
Field Type Description
pageSize Number The number of results requested.
next String A pageToken value that can be used to request the next page of results. Only returned if there are more results to return.
previous String A pageToken value that can be used to request the previous page of results. Only returned if there is a previous page.
data
Field Type Description
heldReleaseLogs Array of released Objects The resulting messages that match the search and filter queries.
Released Object
Field Type Description
spamProcessingDetail Spam Processing Detail Object Object containing the spam, sender validation and managed sender scan results.
attachments Boolean Indicates whether the message contains attachments.
messageInfo String Additional information around the release reason.
subject String The released message's subject line.
detectionLevel String Spam detection level, if held by a spam policy. Possible values are: relaxed, moderate, aggressive, cluster or whitelisted_cluster
heldGroup String The recipient group of the held message, if message was sent to a group.
operator String Email address of the user that released the message.
fromEnv Email Address Object Envelope from address information
rejectReason String Detail on the reason a message was rejected, if message was rejected.
route String Message direction. Possible values are: inbound or outbound.
size Number Total size of the message, in bytes.
heldReason String Detail around the reason the message was initially held. If held by a specific policy definition, this will be the name of the policy definition that triggered the message to be held.
spamScore Number The message spam score, based on the applied spam scanning policy definition.
id String The Mimecast secure ID of the specific message release log.
to Array of Email Address Objects Envelope from address information
released Date String Timestamp of the message release action in ISO 8601 format.
fromHdr Email Address Object Header from address information
status String Status of the message. Possible values are released or rejected.
policy String Name of the policy definition that triggered the message to be held.
Spam Processing Detail Object
Field Type Description
greyEmail Boolean Indicates with the spam was classified as graymail or bulk. Note that this API uses graymail and greymail interchangeably.
permittedSender Information Object Indicates if the sender has been permitted by policy.
managedSender Information Object Indicates if the sender has been permitted by a Managed Sender entry.
dkim Information Object Indicates if the message passed DKIM checks.
spf Information Object Indicates if the message passed SPF checks.
rbl Information Object Indicates if the message passed RBL checks.
dmarc Information Object Indicates if the message passed DMARC checks.
spamVerdict Spam Verdict Object Information about the spam scanning results.
Email Address Object
Field Type Description
emailAddress String The routable email address of the user
displayableName String Display name of the user address. If none exists, this field will be empty.
Spam Verdict Object
Field Type Description
decision String Indicating what the ultimate verdict was for the message.
description String Description of the spam verdict decision.
risk String Identified risk level within the spam detection. Possible values are: negligible, low, high.
categories Array of Category Objects Spam detection type categories
Spam Category Object
Field Type Description
name String Name of the scanning category. Possible values are spam, phishing or graymail. Note that this API uses graymail and greymail interchangeably.
risk String Identified risk level within the category detection. Possible values are: negligible, low, high.
subcategories Array of Spam Subcategory Objects Additional category information under the high-level category.
Spam Subcategory Object
Field Type Description
name String Name of the scanning subcategory.
risk String Identified risk level within the subcategory detection. Possible values are: negligible, low, high.
augmentations Array of Augmentation Objects Component of the message where this subcategory was identified.
Augmentation Object
Field Type Description
name String Name of the message component.
risk String Identified risk level within the component scanning. Possible values are: negligible, low, high.
Information Object
Field Type Description
allow Boolean Indicates if this check was performed.
info String Details about the check result.

Sample Code

Sample code is provided to demonstrate how to use the API and is not representative of a production application. To use the sample code; complete the required variables as described, populate the desired values in the request body, and execute in your favorite IDE.  Please see the Global Base URL's page to find the correct base URL to use for your account.

POST {base_url}/api/gateway/get-held-release-logs
Authorization: MC {accesskKey}:{Base64 encoded signed Data To Sign}
x-mc-date: {dateTime}
x-mc-req-id: {unique id}
x-mc-app-id: {applicationId}
Content-Type: application/json
Accept: application/json

{
  "meta": {
    "pagination": {
      "pageSize": 25,
      "pageToken": "String"
    }
  },
  "data": [
    {
      "searchBy": {
        "fieldName": "heldReason",
        "value": "High-Confidence Impersonation Protection"
      },
      "filterBy": [
        {
          "fieldName": "route",
          "value": "inbound"
        }
      ],
      "start": "2015-11-16T14:49:18+00:00",
      "end": "2015-11-25T14:49:18+00:00"
    }
  ]
}

import base64
import hashlib
import hmac
import uuid
import datetime
import requests

# Setup required variables
base_url = "https://xx-api.mimecast.com"
uri = "/api/gateway/get-held-release-logs"
url = base_url + uri
access_key = "YOUR ACCESS KEY"
secret_key = "YOUR SECRET KEY"
app_id = "YOUR APPLICATION ID"
app_key = "YOUR APPLICATION KEY"

# Generate request header values
request_id = str(uuid.uuid4())
hdr_date = datetime.datetime.utcnow().strftime("%a, %d %b %Y %H:%M:%S") + " UTC"

# DataToSign is used in hmac_sha1
dataToSign = ':'.join([hdr_date, request_id, uri, app_key])

# Create the HMAC SHA1 of the Base64 decoded secret key for the Authorization header
hmac_sha1 = hmac.new(base64.b64decode(secret_key), dataToSign.encode(), digestmod=hashlib.sha1).digest()

# Use the HMAC SHA1 value to sign the hdrDate + ":" requestId + ":" + URI + ":" + appkey
sig = base64.b64encode(hmac_sha1).rstrip()

# Create request headers
headers = {
    'Authorization': 'MC ' + access_key + ':' + sig.decode(),
    'x-mc-app-id': app_id,
    'x-mc-date': hdr_date,
    'x-mc-req-id': request_id,
    'Content-Type': 'application/json'
}

payload = {
  'meta': {
    'pagination': {
      'pageSize': 25,
      'pageToken': 'String'
    }
  },
  'data': [
    {
      'searchBy': {
        'fieldName': 'heldReason',
        'value': 'High-Confidence Impersonation Protection'
      },
      'filterBy': [
        {
          'fieldName': 'route',
          'value': 'inbound'
        }
      ],
      'start': '2015-11-16T14:49:18+00:00',
      'end': '2015-11-25T14:49:18+00:00'
    }
  ]
}

r = requests.post(url=url, headers=headers, data=str(payload))

print(r.text)
static void Main(string[] args)
        {
            //Setup required variables
            string baseUrl = "https://xx-api.mimecast.com";
            string uri = "/api/gateway/get-held-release-logs";
            string accessKey = "YOUR ACCESS KEY";
            string secretKey = "YOUR SECRET KEY";
            string appId = "YOUR APPLICATION ID";
            string appKey = "YOUR APPLICATION KEY";

            //Generate request header values
            string hdrDate = System.DateTime.Now.ToUniversalTime().ToString("R");
            string requestId = System.Guid.NewGuid().ToString();

            //Create the HMAC SHA1 of the Base64 decoded secret key for the Authorization header
            System.Security.Cryptography.HMAC h = new System.Security.Cryptography.HMACSHA1(System.Convert.FromBase64String(secretKey));

            //Use the HMAC SHA1 value to sign the hdrDate + ":" requestId + ":" + URI + ":" + appkey
            byte[] hash = h.ComputeHash(System.Text.Encoding.Default.GetBytes(hdrDate + ":" + requestId + ":" + uri + ":" + appKey));

            //Build the signature to be included in the Authorization header in your request
            string signature = "MC " + accessKey + ":" + System.Convert.ToBase64String(hash);

            //Build Request
            System.Net.HttpWebRequest request = (System.Net.HttpWebRequest)System.Net.WebRequest.Create(baseUrl + uri);
            request.Method = "POST";
            request.ContentType = "application/json";

            //Add Headers
            request.Headers[System.Net.HttpRequestHeader.Authorization] = signature;
            request.Headers.Add("x-mc-date", hdrDate);
            request.Headers.Add("x-mc-req-id", requestId);
            request.Headers.Add("x-mc-app-id", appId);

            //Add request body
            //Create and write data to stream
            string postData = @"{
  ""meta"": {
    ""pagination"": {
      ""pageSize"": 25,
      ""pageToken"": ""String""
    }
  },
  ""data"": [
    {
      ""searchBy"": {
        ""fieldName"": ""heldReason"",
        ""value"": ""High-Confidence Impersonation Protection""
      },
      ""filterBy"": [
        {
          ""fieldName"": ""route"",
          ""value"": ""inbound""
        }
      ],
      ""start"": ""2015-11-16T14:49:18+00:00"",
      ""end"": ""2015-11-25T14:49:18+00:00""
    }
  ]
}";

            byte[] payload = System.Text.Encoding.UTF8.GetBytes(postData);

            System.IO.Stream stream = request.GetRequestStream();
            stream.Write(payload, 0, payload.Length);
            stream.Close();

            //Send Request
            System.Net.HttpWebResponse response = (System.Net.HttpWebResponse)request.GetResponse();

            //Output response to console
            System.IO.StreamReader reader = new System.IO.StreamReader(response.GetResponseStream());
            string responseBody = "";
            string temp = null;
            while ((temp = reader.ReadLine()) != null)
            {
                responseBody += temp;
            };
            System.Console.WriteLine(responseBody);
            System.Console.ReadLine();
        }
#Setup required variables
$baseUrl = "https://xx-api.mimecast.com"
$uri = "/api/gateway/get-held-release-logs"
$url = $baseUrl + $uri
$accessKey = "YOUR ACCESS KEY"
$secretKey = "YOUR SECRET KEY"
$appId = "YOUR APPLICATION ID"
$appKey = "YOUR APPLICATION KEY"

#Generate request header values
$hdrDate = (Get-Date).ToUniversalTime().ToString("ddd, dd MMM yyyy HH:mm:ss UTC")
$requestId = [guid]::NewGuid().guid

#Create the HMAC SHA1 of the Base64 decoded secret key for the Authorization header
$sha = New-Object System.Security.Cryptography.HMACSHA1
$sha.key = [Convert]::FromBase64String($secretKey)
$sig = $sha.ComputeHash([Text.Encoding]::UTF8.GetBytes($hdrDate + ":" + $requestId + ":" + $uri + ":" + $appKey))
$sig = [Convert]::ToBase64String($sig)

#Create Headers
$headers = @{"Authorization" = "MC " + $accessKey + ":" + $sig;
                "x-mc-date" = $hdrDate;
                "x-mc-app-id" = $appId;
                "x-mc-req-id" = $requestId;
                "Content-Type" = "application/json"}

#Create post body
$postBody = "{
  ""meta"": {
    ""pagination"": {
      ""pageSize"": 25,
      ""pageToken"": ""String""
    }
  },
  ""data"": [
    {
      ""searchBy"": {
        ""fieldName"": ""heldReason"",
        ""value"": ""High-Confidence Impersonation Protection""
      },
      ""filterBy"": [
        {
          ""fieldName"": ""route"",
          ""value"": ""inbound""
        }
      ],
      ""start"": ""2015-11-16T14:49:18+00:00"",
      ""end"": ""2015-11-25T14:49:18+00:00""
    }
  ]
}"

#Send Request
$response = Invoke-RestMethod -Method Post -Headers $headers -Body $postBody -Uri $url

#Print the response
$response
public static void main(String[] args) throws java.io.IOException, java.security.NoSuchAlgorithmException, java.security.InvalidKeyException {

        //set up variables for request
        String baseUrl = "https://xx-api.mimecast.com";
        String uri = "/api/gateway/get-held-release-logs";
        String url = "https://" + baseUrl + uri;
        String accessKey = "YOUR ACCESS KEY";
        String secretKey = "YOUR SECRET KEY";
        String appId = "YOUR APPLICATION ID";
        String appKey = "YOUR APPLICATION KEY";

        //create URL object
        java.net.URL obj = new java.net.URL(url);

        // set guid for x-mc-req-id header
        String guid = java.util.UUID.randomUUID().toString();

        // set date for x-mc-date header
        java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat("EEE, d MMM yyyy HH:mm:ss z");
        sdf.setTimeZone(java.util.TimeZone.getTimeZone("UTC"));
        String date = sdf.format(new java.util.Date());

        //create signature for the Authorization header
        String dataToSign = date + ":" + guid + ":" + uri + ":" + appKey;
        String hmacSHA1 = "HmacSHA1";
        javax.crypto.spec.SecretKeySpec signingKey = new javax.crypto.spec.SecretKeySpec(org.apache.commons.codec.binary.Base64.decodeBase64(secretKey.getBytes()), hmacSHA1);
        javax.crypto.Mac mac = javax.crypto.Mac.getInstance(hmacSHA1);
        mac.init(signingKey);
        String sig = new String(org.apache.commons.codec.binary.Base64.encodeBase64(mac.doFinal(dataToSign.getBytes())));

        // create request object
        javax.net.ssl.HttpsURLConnection con = (javax.net.ssl.HttpsURLConnection) obj.openConnection();

        //set request type to POST
        con.setRequestMethod("POST");
        con.setDoOutput(true);

        //add reuqest headers
        con.setRequestProperty("Authorization", "MC " + accessKey + ":" + sig);
        con.setRequestProperty("x-mc-req-id", guid);
        con.setRequestProperty("x-mc-app-id", appId);
        con.setRequestProperty("x-mc-date", date);
        con.setRequestProperty("Content-Type", "application/json");
        con.setRequestProperty("Accept", "application/json");

        //Add post body to the request
        String postBody = "{\n" +
"  \"meta\": {\n" +
"    \"pagination\": {\n" +
"      \"pageSize\": 25,\n" +
"      \"pageToken\": \"String\"\n" +
"    }\n" +
"  },\n" +
"  \"data\": [\n" +
"    {\n" +
"      \"searchBy\": {\n" +
"        \"fieldName\": \"heldReason\",\n" +
"        \"value\": \"High-Confidence Impersonation Protection\"\n" +
"      },\n" +
"      \"filterBy\": [\n" +
"        {\n" +
"          \"fieldName\": \"route\",\n" +
"          \"value\": \"inbound\"\n" +
"        }\n" +
"      ],\n" +
"      \"start\": \"2015-11-16T14:49:18+00:00\",\n" +
"      \"end\": \"2015-11-25T14:49:18+00:00\"\n" +
"    }\n" +
"  ]\n" +
"}";
        java.io.OutputStream os = con.getOutputStream();
        os.write(postBody.getBytes("UTF-8"));
        os.close();

        //process response
        java.io.BufferedReader in = new java.io.BufferedReader(
                new java.io.InputStreamReader(con.getInputStream()));
        String inputLine;
        StringBuffer response = new StringBuffer();

        while ((inputLine = in.readLine()) != null) {
            response.append(inputLine);
        }
        in.close();

        //return result
        java.lang.System.out.println(response.toString());
    }
Back to Top