Enricher - IPQualityScore Email Verification#

Note

This article describes how to configure a particular enrichment source. To see how to configure enrichers in general, see Configure enrichers.

Specification

Enricher name

IPQualityScore Email Verification

Supported observable types

  • email

Output

Enriches supported observable types to produce:

  • Indicator Entity with related observables

API endpoint

https://ipqualityscore.com/api/json/email

Requirements#

IPQualityScore API Key.

Configure the enricher#

Note

Required fields are marked with an asterisk (*).

  1. Edit the enricher.

  2. Set the Source reliability for this enricher. All objects produced by this enricher inherits this source reliability.

  3. In the Parameters section, set the following fields:

    Field name

    Description

    API URL*

    Default: https://ipqualityscore.com/api/json/email

    Change this to match your IPQualityScore account’s API URL.

    API Token*

    Enter your API Token.

    Strictness Level

    Provide strictness level. Controls how aggressively spam traps and honeypots are detected.(Range : 0-2).

    Fast Mode

    Provide ‘true’ or ‘false’. Skips SMTP mailbox verification to return results faster

    LookUp Timeout

    Provide maximum number of seconds to wait for a reply from a mail service providerLookup with timeout set to 20.

    SSL verification

    Select to enforce SSL verification.

    Path to SSL certificate file

    Enter the path to a SSL certificate file located on the EclecticIQ Intelligence Center host filesystem.

    To use an SSL certificate, it must be:

    • Accessible on the EclecticIQ Intelligence Center host.

    • Placed in a location that can be accessed by the eclecticiq user.

    • Owned by eclecticiq:eclecticiq.

    To make sure that EclecticIQ Intelligence Center can access the SSL certificate:

    1. Upload the SSL certificate to a location on the EclecticIQ Intelligence Center host.

    2. On the EclecticIQ Intelligence Center host, open the terminal.

    3. Change ownership of the SSL certificate by running as root in the terminal:

      chown eclecticiq:eclecticiq /path/to/cert.pem

      Where /path/to/cert.pem is the location of the SSL certificate EclecticIQ Intelligence Center needs to access.

  4. Select Save to save your changes.