cloudflare · Maddy-Cloudflare · Oct 9, 2024 · Sep 27, 2024 · Sep 27, 2024 · Sep 27, 2024
@@ -128,7 +128,7 @@
 /support/analytics/learn-more/what-are-the-types-of-threats/ /analytics/account-and-zone-analytics/threat-types/ 301
 /analytics/graphql-api/tutorials/build-your-own-analytics/ /analytics/graphql-api/tutorials/ 301
 
-# area1
+# email-security
 /email-security/reporting/search/unified-search/ /email-security/reporting/search/ 301
 /email-security/reporting/search/detection-search/ /email-security/reporting/search/ 301
 /email-security/reporting/search/detection-search/available-parameters/ /email-security/reporting/search/available-parameters/ 301
@@ -364,6 +364,10 @@
 /email-routing/get-started/email-addresses/ /email-routing/setup/email-routing-addresses/ 301
 /email-routing/known-limitations/ /email-routing/postmaster/ 301
 
+# email-security
+/email-security/setup/api-deployment/ /email-security/setup/post-delivery-deployment/api/ 301
+/email-security/setup/api-deployment/office365-api/ /email-security/setup/post-delivery-deployment/api/office365-api/ 301
+
 # firewall
 /firewall/api/cf-lists/ /waf/tools/lists/lists-api/ 301
 /firewall/api/cf-lists/endpoints/ /waf/tools/lists/lists-api/endpoints/ 301

@@ -11,7 +11,7 @@ import { Description } from "~/components"
 Secure your email inbox with API-first Email Security.
 </Description>
 
-Email Security secures your email inbox with [API-first email security](/cloudflare-one/email-security/setup/api-deployment/). Email Security integrates with your existing email provider and blocks phishing attacks, malware, [Business Email Compromise](https://www.cloudflare.com/en-gb/learning/email-security/business-email-compromise-bec/) attacks, and vendor email fraud.
+Email Security secures your email inbox with API-first email security. Email Security integrates with your existing email provider and blocks phishing attacks, malware, [Business Email Compromise](https://www.cloudflare.com/en-gb/learning/email-security/business-email-compromise-bec/) attacks, and vendor email fraud.
 
 Email Security allows you to:
 

@@ -0,0 +1,10 @@
+---
+title: Information about your domain
+pcx_content_type: concept
+sidebar:
+  order: 1
+---
+
+import { GlossaryTooltip, Render } from "~/components"
+
+<Render file="email-security/domain-information" />
@@ -3,6 +3,8 @@ title: Reference
 pcx_content_type: navigation
 sidebar:
   order: 8
+  group:
+    hideIndex: true
 ---
 
 import { DirectoryListing } from "~/components"

@@ -7,6 +7,6 @@ sidebar:
 
 import { DirectoryListing } from "~/components"
 
-Learn how to set up Email Security:
+You can set up Email Security via:
 
 <DirectoryListing />
@@ -20,7 +20,7 @@ To enable Email Security:
 2. Select **Email Security**.
 3. Select **Monitoring**. If you are a first time user, select **Contact sales**. Otherwise, select **Connect an integration**.
 
-Continue with [Enable Microsoft integration](/cloudflare-one/email-security/setup/api-deployment/office365-api/#enable-microsoft-integration) for the next steps.
+Continue with [Enable Microsoft integration](/cloudflare-one/email-security/setup/post-delivery-deployment/api/office365-api/#enable-microsoft-integration) for the next steps.
 
 ### Enable Microsoft integration
 
@@ -35,7 +35,7 @@ To enable Microsoft integration:
    - Select **Complete ES set up** where you will be able to connect your domains and configure auto-moves.
    - Select **Continue to ES**.
 
-Continue with [Connect your domains](/cloudflare-one/email-security/setup/api-deployment/office365-api/#connect-your-domains) for the next steps.
+Continue with [Connect your domains](/cloudflare-one/email-security/setup/post-delivery-deployment/api/office365-api/#connect-your-domains) for the next steps.
 
 ### Connect your domains
 

@@ -0,0 +1,76 @@
+---
+title: Microsoft Exchange BCC setup
+pcx_content_type: integration-guide
+sidebar:
+  order: 2
+head:
+  - tag: title
+    content: Setup phishing risk assessment for Microsoft Exchange with Email
+      Security 
+
+---
+
+import { GlossaryTooltip, Render } from "~/components"
+
+For customers using Microsoft Exchange, setting up Email Security via BCC is quick and easy. You need to configure an inbound rule to send emails to Email Security via BCC for processing and detection of potential <GlossaryTooltip term="phishing">phishing</GlossaryTooltip> attacks. The following email flow shows how this works:
+
+![Email flow when setting up a phishing assessment risk for Microsoft Exchange with Email Security.](~/assets/images/email-security/deployment/api-setup/exchange/bcc-exchange-flow.png)
+
+## Configure Inbound Rule
+
+1. Access Exchange's **Management Console**, and go to **Organization Configuration** > **Hub Transport**.
+
+   ![Access Hub transport](~/assets/images/email-security/deployment/api-setup/exchange/step1.png)
+
+2. On the **Actions** pane, select **New Transport Rule**.
+
+3. Give the transport rule a name and a description and select **Next**.
+
+   ![Give transport rule a name and description](~/assets/images/email-security/deployment/api-setup/exchange/step3.png)
+
+4. In the **Condition** configuration panel, select the option **from users that are inside or outside the organization** option. In the dropdown that opens, select **Outside the organization**.
+
+   ![Select scope of transport rule](~/assets/images/email-security/deployment/api-setup/exchange/step4.png)
+
+5. Still in the same **Condition** configuration panel, add a second condition to the transport rule. Select **sent to users that are inside or outside the organization, or partners**. Keep the default value of **Inside the organization**.
+
+   ![Select where to send emails](~/assets/images/email-security/deployment/api-setup/exchange/step5.png)
+
+6. Select **Next**.
+
+7. In the **Action** configuration panel, select **Blind carbon copy (Bcc) the message to addresses**. Edit the **addresses** variable to add the addresses you want to copy as BCC.
+
+   ![Select BCC and edit email addresses](~/assets/images/email-security/deployment/api-setup/exchange/step7.png)
+
+8. In **Specify Recipient**, select the **down arrow** next to the **Add** button > **External E-Mail Address**.
+
+   ![Select external e-mail address](~/assets/images/email-security/deployment/api-setup/exchange/step8.png)
+
+9. Enter the BCC address provided by Email Security. This address is specific to your account.
+
+   ![Enter the BCC address provided by Email Security](~/assets/images/email-security/deployment/api-setup/exchange/step9.png)
+
+10. Select **OK** > **OK** to return to the main configuration page of the transport rule.
+
+11. At the main configuration page of the transport rule, select **Next** to continue to the Exception configuration panel.
+
+12. You do not need to configure an exception rule. Select **Next**.
+
+    ![You do not need to configure an exception rule](~/assets/images/email-security/deployment/api-setup/exchange/step12.png)
+
+13. In **Create Rule**, select the **New** button.
+
+    ![Select the new button](~/assets/images/email-security/deployment/api-setup/exchange/step13.png)
+
+14. Select **Finish** to close the transport rule configuration panel. This will return you to the Exchange Management Console.
+
+    ![Select finish](~/assets/images/email-security/deployment/api-setup/exchange/step14.png)
+
+:::note
+
+If you have multiple rules, you may need to change the order of the BCC rule and move it to the right location in your rule sequence. This is needed so you can send BCC messages to Email Security. Usually, the Email Security BCC rule will be at the top of the ruleset. The configured conditions of the Email Security BCC rule will only trigger for inbound messages. 
+:::
+
+## Email processing and reports
+
+In BCC mode, all emails are put through automated phishing detections by Email Security. Emails that trigger phishing detections are logged for reporting via product portal, email and Slack. Emails that do not trigger any detections are deleted.
@@ -0,0 +1,13 @@
+---
+title: BCC setup
+pcx_content_type: navigation
+sidebar:
+  order: 1
+  group:
+    hideIndex: true
+---
+
+import { DirectoryListing } from "~/components"
+
+
+<DirectoryListing />
@@ -0,0 +1,13 @@
+---
+title: BCC/Journaling
+pcx_content_type: concept
+sidebar:
+  order: 1
+  group:
+   hideIndex: true
+---
+
+BCC/Journaling deployment is a post-delivery type of deployment. Every time you receive an email, your email provider will send a blind copy to Cloudflare for an analysis.
+
+
+![Journaling deployment M365](~/assets/images/email-security/deployment/api-setup/journaling/CF_Email_Security_DeploymentAPI_Diagram.png)
@@ -0,0 +1,13 @@
+---
+title: Journaling setup
+pcx_content_type: navigation
+sidebar:
+  order: 1
+  group:
+    hideIndex: true
+---
+
+import { DirectoryListing } from "~/components"
+
+
+<DirectoryListing />
@@ -0,0 +1,35 @@
+---
+title: Manage domains
+sidebar:
+  order: 4
+---
+
+## Filter domains
+
+To filter your domains:
+
+1. Select **Settings**.
+2. Select **Configured method** and/or **Status**:
+    * If you select **Configured method**, choose among the following:
+        * **All**: To view all the domains.
+        * **MS Graph API**: To view domains connected via MS Graph API.
+        * **BCC/Journaling**: To view domains connected via BCC/Journaling.
+    * If you select **Status**, choose among the following:
+        * **All**: To view Active and No mail flow domains.
+        * **Active**: To view active domains. A domain is active when the connection is running, and Email Security is able to scan email messages.
+        * **No mail flow**: To view no mail flow domains. A domain has a "No mail flow" status when no mail flow is detected. You may not have any email traffic or your BCC/Journaling configuration is incomplete. 
+
+## Edit domains
+
+To edit your domains:
+
+1. On the **Domains** page, locate your domain, select the three dots > **Edit**.
+2. If you did not manually add your domain, you will only be able to edit **Hops**. If you manually added your domain, you will be able to edit **Domain name** and **Hops**.
+3. Select **Save**.
+
+## Prevent Cloudflare from scanning a domain
+
+To unscan domains:
+
+1. On the **Domains** page, locate your domain, select the three dots > **Unscan**.
+2. Select **Unscan** again to stop Cloudflare from scanning your domain.
@@ -0,0 +1,48 @@
+---
+title: Manually add domains
+sidebar:
+  order: 3
+---
+
+import { GlossaryTooltip } from "~/components"
+
+To manually add domains:
+
+1. Log in to [Zero Trust](https://one.dash.cloudflare.com/).
+2. Select **Zero Trust**.
+3. Select **Email Security**.
+4. Select **Monitoring**: If you have not purchased Email Security, select **Contact Sales**. Otherwise, select **Connect a domain**.
+5. Select **BCC/Journaling**.
+6. Select **Manual add**.
+
+## Users with domains on Cloudflare
+
+On the **Set up Email Security** page:
+
+1. **Connect domains**: Select at least one domain. Then, select **Continue**.
+2. (**Optional**) **Add manual domains**: Manually enter additional domains. Then, select **Continue**.
+3. (**Optional**) **Adjust hop count**: Enter the number of <GlossaryTooltip term="Hops">hops</GlossaryTooltip>, and then select **Continue**.
+4. **Configure service address with your third party email provider**: Copy and paste the service address into your third-party email provider to allow BCC/Journaling: `<account tag>@CF-emailsecurity.com`
+5. **Review details**: Review your connected domains. Then, select **Go to domains.** 
+
+## Users who do not have domains with Cloudflare
+
+If you do not have domains with Cloudflare, the dashboard will display two options:
+
+* Add a domain to Cloudflare.
+* Enter domain manually.
+
+### Add a domain to Cloudflare
+
+Selecting **Add a domain to Cloudflare** will redirect you to a new page where you will connect your domain to Cloudflare. Once you have entered an existing domain, select **Continue**.
+
+
+### Enter domain manually
+
+On the **Set up Email Security** page:
+
+1. **Connect domains**: Select at least one domain. Then, select **Continue**.
+2. (**Optional**) **Add manual domains**: Manually enter additional domains. Then, select **Continue**.
+3. (**Optional**) **Adjust hop count**: Enter the number of <GlossaryTooltip term="Hops">hops</GlossaryTooltip>, and then select **Continue**.
+4. **Configure service address with your third party email provider**: Copy and paste the service address into your third-party email provider to allow BCC/Journaling: `<account tag>@CF-emailsecurity.com`.
+5. **Review details**: Review your connected domains. Then, select **Go to domains.**
@@ -0,0 +1,54 @@
+---
+title: Office 365 journaling setup
+pcx_content_type: how-to
+sidebar:
+  order: 2
+---
+
+import { GlossaryTooltip } from "~/components"
+
+When you receive an email, the email lands on your Microsoft O365 inbox, and then Email Security receives a copy of that email. The following email flow shows how this works:
+
+![Email flow when setting up Office 365 with Email Security.](~/assets/images/email-security/deployment/api-setup/journaling/Email_Security_MS365_Journaling_Diagram.png)
+
+To enable Microsoft 365 journaling deployment:
+
+1. Log in to [Zero Trust](https://one.dash.cloudflare.com/).
+2. Select **Zero Trust**.
+3. Select **Email Security**.
+4. Select **Monitoring**: If you have not purchased Email Security, select **Contact Sales**. Otherwise, select **Connect a domain**.
+5. Select **BCC/Journaling**.
+6. Select **Integrate with MS** > **Authorize**.
+
+## Integrate with Microsoft O365
+
+To integrate with Microsoft O365:
+
+1. **Name integration**: Add your integration name, then select **Continue**.
+2. **Authorize integration**:
+   - Select **Authorize**. Selecting **Authorize** will take you to the **Microsoft Sign in** page where you will have to enter your email address.
+   - Once you enter your email address, select **Next**.
+   - After selecting **Next**, the dashboard will show you a dialog box with a list of requested permissions. Select **Accept to authorize Email Security**. Upon authorization, you will be redirected to a page where you can review details and enroll the integration.
+3. **Review details**: Review your integration details, then:
+   - Select **Complete Email Security set up** where you will be able to connect your domains and configure auto-moves.
+   - Select **Continue to Email Security**.
+
+Continue with [**Connect your domains**](/cloudflare-one/email-security/setup/post-delivery-deployment/bcc-journaling/journaling-setup/office365-journaling/#connect-your-domains) for the next steps.
+
+### Connect your domains
+
+On the **Set up Email Security** page:
+
+1. **Connect domains**: Select at least one domain. Then, select **Continue**.
+2. (**Optional**) **Add manual domains**: Select **Add domain name** to manually enter additional domains. Then, select **Continue**.
+3. (**Optional**) **Adjust hop count**: Enter the number of <GlossaryTooltip term="Hops">hops</GlossaryTooltip>. Then, select **Continue**.
+4. (**Optional**, select **Skip for now** to skip this step) **Move messages**: Refer to [Auto-moves](/cloudflare-one/email-security/auto-moves/) to configure auto-moves. Then, select **Continue**.
+5. **Configure service address with your third party email provider**: Copy and paste the service address into your third-party email provider to allow BCC/Journaling: `<account tag>@CF-emailsecurity.com`.
+6. **Review details**: Review your connected domains. Then, select **Go to domains.** 
+
+Your domains are now added successfully. 
+
+To view your connected domains:
+
+1. Go to **Settings**.
+2. Locate your domain, select the three dots > **View domain**. Selecting **View domain** will display information about your domain.
@@ -0,0 +1,12 @@
+---
+title: Post-delivery deployment
+pcx_content_type: navigation
+sidebar:
+  order: 1
+  group:
+    hideIndex: true
+---
+
+import { DirectoryListing } from "~/components"
+
+<DirectoryListing />
@@ -7,7 +7,7 @@ sidebar:
 
 import { GlossaryTooltip, Render } from "~/components"
 
-Once you have chosen a [domain to scan](/cloudflare-one/email-security/setup/api-deployment/office365-api/#connect-your-domains), Email Security allows you to monitor the traffic scanned from your email inboxes.
+Once you have chosen a [domain to scan](/cloudflare-one/email-security/setup/post-delivery-deployment/api/office365-api/#connect-your-domains), Email Security allows you to monitor the traffic scanned from your email inboxes.
 
 To monitor your inbox:
 

@@ -23,7 +23,7 @@ import { GlossaryTooltip, Render } from "~/components"
 
 For customers using Microsoft Exchange, setting up Email Security via BCC is quick and easy. You need to configure an inbound rule to send emails to Email Security via BCC for processing and detection of potential <GlossaryTooltip term="phishing">phishing</GlossaryTooltip> attacks. The following email flow shows how this works:
 
-![Email flow when setting up a phishing assessment risk for Microsoft Exchange with Email Security.](~/assets/images/email-security/deployment/api-setup/exchange/exchange-bcc-flow.png)
+![Email flow when setting up a phishing assessment risk for Microsoft Exchange with Email Security.](~/assets/images/email-security/deployment/api-setup/exchange/bcc-exchange-flow.png)
 
 ## Configure Inbound Rule
 

@@ -254,3 +254,7 @@ entries:
   - term: Zero Trust Security
     general_definition: |-
       Zero Trust Security is an IT security model that requires strict identity verification for every person and device accessing resources on a network.
+
+  - term: Hops
+    general_definition: |-
+      Hops refer to the stops an email makes as it travels from the sender to the recipient.
@@ -0,0 +1,8 @@
+- **Domain**: Domain name.
+- **Configured method**: The deployment method you used to configure your domain.
+- **Status**: Status indicates the state of the configuration. If the dashboard displays `No mail flow`, you may have to connect a domain to scan.
+- **Service address**: This is the email address you will use to send a copy of your email.
+- **Source**: Depending on how you added the domains, the dashboard will display **MS integration**, **CF zones**, or **Manual add**.
+- **Integration name**: Name of the integration. This field will only be displayed for Microsoft integrations.
+- **Hops**: The number of hops. This will not be displayed if the configuration method is Microsoft Graph API. Hop count will be visible only if it has been configured.
+- **Date added**: Date when the domain was added.