You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/learning-paths/secure-o365-email/monitor-your-inbox/monitor-detections.mdx
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,13 +5,13 @@ sidebar:
5
5
order: 2
6
6
---
7
7
8
-
Spam and Malicious emails are blocked outright by Email Security, but suspicious and spoof dispositions should be monitored. Suspicious messages should be investigated by a security analyst to determine the legitimacy of the message.
8
+
Spam and Malicious emails are blocked outright by Email Security, but Suspicious and Spoof dispositions should be monitored. Suspicious messages should be investigated by a security analyst to determine the legitimacy of the message.
9
9
10
10
[PhishGuard](/cloudflare-one/email-security/phish-guard/) (Cloudflare's managed email security service) can review these messages for you and move them from the end user inbox if they are deemed malicious.
11
11
12
-
Messages that receive a Spoof disposition should be investigated as well because it signals that the traffic is either non-compliant with your email authentication process [SPF](https://www.cloudflare.com/en-gb/learning/dns/dns-records/dns-spf-record/), [DKIM](https://www.cloudflare.com/en-gb/learning/dns/dns-records/dns-dkim-record/), [DMARC](https://www.cloudflare.com/en-gb/learning/dns/dns-records/dns-dmarc-record/), or has a mismatching Envelope From and Header From value.
12
+
Messages that receive a Spoof disposition should be investigated because it signals that the traffic is either non-compliant with your email authentication process [SPF](https://www.cloudflare.com/en-gb/learning/dns/dns-records/dns-spf-record/), [DKIM](https://www.cloudflare.com/en-gb/learning/dns/dns-records/dns-dkim-record/), [DMARC](https://www.cloudflare.com/en-gb/learning/dns/dns-records/dns-dmarc-record/), or has a mismatching Envelope From and Header From value.
13
13
14
-
In most cases, this disposition is triggered by a legitimate third-party mail service. If you determine that the Spoofed email is a legitimate business use case, you can either:
14
+
In most cases, a Spoof disposition is triggered by a legitimate third-party mail service. If you determine that the Spoofed email is a legitimate business use case, you can either:
15
15
16
16
- Update your email authentication records.
17
17
- Add an acceptable sender [allow policy](/cloudflare-one/email-security/detection-settings/allow-policies/) to exempt messages from the Spam, Spoof or Bulk disposition, but not Malicious or Suspicious, so the content of the message can still be monitored.
@@ -20,7 +20,7 @@ In most cases, this disposition is triggered by a legitimate third-party mail se
20
20
21
21
Email Security offers a variety of ways for you to better examine and understand your message traffic:
22
22
23
-
You can search for emails that have been processed by Email Security, whether they are marked with a[detection disposition](/email-security/reference/dispositions-and-attributes/) or not.
23
+
You can search for emails that have been processed by Email Security, whether they are marked with a[detection disposition](/email-security/reference/dispositions-and-attributes/) or not.
Copy file name to clipboardExpand all lines: src/content/docs/learning-paths/secure-o365-email/monitor-your-inbox/phishguard.mdx
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -17,6 +17,6 @@ sidebar:
17
17
As a PhishGuard customer, the following service offerings should be enabled:
18
18
19
19
- Escalation contacts must be configured in the Email Security dashboard: This allows for email reports to be delivered regarding high risk items identified and responded to by the team.
20
-
- Auto-moves should be enabled and configured for quarantine of identified items: `MALICIOUS` should be prioritized, but configuring Spam for a move to junk/trash or even soft delete may also be highly useful to the client.
20
+
- Auto-moves should be enabled and configured for quarantine of identified items: Malicious should be prioritized, but configuring Spam for a move to junk/trash or even soft delete may also be highly useful to the client.
21
21
22
22
Refer to the [PhishGuard](/cloudflare-one/email-security/phish-guard/) documentation to learn more about this add-on service.
0 commit comments