🔍 Code Extractor

class MailAssessmentRequest

Maturity: 52

A class representing a mail threat assessment request that inherits from ThreatAssessmentRequest, used to create and retrieve mail-based security threat assessments in Microsoft 365.

File:
/tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/protection/threatassessment/mail_request.py
Lines:
6 - 13
Complexity:
moderate

Purpose

This class is used to create and manage mail threat assessment requests within the Microsoft 365 security framework. It allows applications to submit emails for security analysis and retrieve assessment results. The mail must be received by the user specified in recipientEmail, and requires delegated Mail permissions (Mail.Read or Mail.Read.Shared) to access the mail content. This is part of the Microsoft Graph API threat assessment functionality for evaluating potential security threats in email messages.

Source Code

class MailAssessmentRequest(ThreatAssessmentRequest):
    """
    Used to create and retrieve a mail threat assessment, derived from threatAssessmentRequest.

    When you create a mail threat assessment request, the mail should be received by the user specified
    in recipientEmail. Delegated Mail permissions (Mail.Read or Mail.Read.Shared) are requried to access the mail
    received by the user or shared by someone else.
    """

Parameters

Name Type Default Kind
bases ThreatAssessmentRequest -

Parameter Details

__init__: The constructor parameters are inherited from the parent class ThreatAssessmentRequest. Specific parameters are not defined in the provided code snippet, but typically would include properties like recipientEmail, category, contentType, and other threat assessment metadata required by the parent class.

Return Value

Instantiation returns a MailAssessmentRequest object that inherits all methods and properties from ThreatAssessmentRequest. Methods inherited from the parent class would typically return assessment results, status information, or confirmation of request submission.

Class Interface

Methods

__init__(self, **kwargs)

Purpose: Initializes a new MailAssessmentRequest instance, inheriting from ThreatAssessmentRequest

Parameters:

  • kwargs: Keyword arguments passed to the parent ThreatAssessmentRequest constructor, typically including recipientEmail, category, contentType, and other assessment metadata

Returns: None (constructor)

Attributes

Name Type Description Scope
recipient_email str The email address of the user who received the mail being assessed (inherited from parent class) instance
category str The threat category for the assessment (e.g., 'spam', 'malware', 'phish') (inherited from parent class) instance
status str The current status of the threat assessment request (inherited from parent class) instance
results collection Collection of assessment results returned by the threat assessment service (inherited from parent class) instance

Dependencies

  • office365

Required Imports

from office365.directory.protection.threatassessment.request import ThreatAssessmentRequest
from office365.directory.protection.threatassessment.mail_assessment_request import MailAssessmentRequest

Usage Example

from office365.directory.protection.threatassessment.mail_assessment_request import MailAssessmentRequest
from office365.runtime.auth.client_credential import ClientCredential
from office365.graph_client import GraphClient

# Authenticate
credentials = ClientCredential(client_id='your_client_id', client_secret='your_client_secret')
client = GraphClient(credentials)

# Create a mail assessment request
mail_assessment = MailAssessmentRequest()
mail_assessment.recipient_email = 'user@example.com'
mail_assessment.category = 'spam'
mail_assessment.expected_assessment = 'block'

# Submit the assessment request
client.threat_assessment.requests.add(mail_assessment).execute_query()

# Retrieve assessment results
result = mail_assessment.results
print(f'Assessment status: {mail_assessment.status}')

Best Practices

  • Ensure proper authentication with Microsoft Graph API before creating assessment requests
  • Verify that the application has the required delegated Mail permissions (Mail.Read or Mail.Read.Shared)
  • Always specify a valid recipientEmail that corresponds to the user who received the mail being assessed
  • Handle authentication errors and permission issues gracefully
  • Check the assessment status before attempting to retrieve results, as processing may be asynchronous
  • Follow Microsoft Graph API rate limits and throttling guidelines
  • Store and manage credentials securely, never hardcode them in source code
  • Use appropriate error handling for network failures and API errors
  • Consider implementing retry logic for transient failures

Tags

security threat-assessment email mail microsoft-365 graph-api protection spam-detection malware-detection office365

Similar Components

AI-powered semantic similarity - components with related functionality:

  • class ThreatAssessmentRequest 76.0% similar

    An abstract base class representing a threat assessment request item, inheriting from Entity. This class serves as a foundation for concrete threat assessment request implementations.

    From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/protection/threatassessment/request.py

  • class InformationProtection 67.2% similar

    A class that provides methods to interact with Microsoft Purview Information Protection services, specifically for creating threat assessment requests for email messages.

    From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/protection/information.py

  • class Incident 54.9% similar

    Represents a security incident in Microsoft 365 Defender, which is a collection of correlated alerts and metadata that tells the story of an attack in a tenant.

    From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/security/incidents/incident.py

  • class Simulation 54.8% similar

    Represents an attack simulation training campaign in Microsoft Defender for Office 365, providing access to phishing simulation exercises and training reports.

    From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/security/attacksimulations/simulation.py

  • class Alert_v1 54.6% similar

    Represents a security alert from Microsoft Graph security API, providing access to potential security issues identified by Microsoft 365 Defender or integrated security providers within a customer's tenant.

    From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/security/alerts/alert.py
← Back to Browse