update copy to reflect the original

Maddy-Cloudflare · Maddy-Cloudflare · commit 96f125e4a3ba · 2025-08-11T15:38:27.000+01:00
diff --git a/src/content/docs/cloudflare-one/email-security/setup/pre-delivery-deployment/prerequisites/gsuite-email-security-mx.mdx b/src/content/docs/cloudflare-one/email-security/setup/pre-delivery-deployment/prerequisites/gsuite-email-security-mx.mdx
@@ -66,13 +66,11 @@ If desired, you can create a separate quarantine for each of the dispositions.
 
 <Render file="email-security/deployment/set-up-mx-inline-step"/>
 
-## 5. Secure your mail flow
+## 5. Secure your email flow
 
 After 36 hours, the MX record DNS update will have sufficiently propagated across the Internet. It is now safe to secure your email flow. This will ensure that Google only accepts messages that are first received by Email Security. This step is highly recommended to prevent threat actors from using cached MX entries to bypass Email Security by injecting messages directly into Gmail.
 
-To secure your mail flow:
-
-1. In the [Google Administrative Console](https://admin.google.com/), go to **Apps** > **Google Workspace** > **Gmail**.
+1. Access the [Google Administrative Console](https://admin.google.com/), then select **Apps** > **Google Workspace** > **Gmail**.
 
 2. Select **Spam, Phishing and Malware**.
 
diff --git a/src/content/docs/cloudflare-one/email-security/setup/pre-delivery-deployment/prerequisites/m365-email-security-mx/index.mdx b/src/content/docs/cloudflare-one/email-security/setup/pre-delivery-deployment/prerequisites/m365-email-security-mx/index.mdx
@@ -107,9 +107,9 @@ To create the transport rules that will send emails with certain [dispositions](
 
 <Render file="email-security/deployment/set-up-mx-inline-step"/>
 
-## 6. Secure Microsoft 365 from MX records bypass (Recommended)
+## 6. Secure Microsoft 365 from MX records bypass (recommended)
 
-One method of DNS attacks is to search for old MX records and send <GlossaryTooltip term="phishing">phishing</GlossaryTooltip> emails directly to the mail server. To secure the email flow, you will want to enforce an email flow where inbound messages are accepted by Office 365 only when they originate from Email Security. This can be done by adding a connector to only allow email from Email Security with TLS encryption. This step is optional but recommended.
+One method of DNS attacks is to search for old MX records and send <GlossaryTooltip term="phishing">phishing</GlossaryTooltip> emails directly to the mail server. To secure the email flow, you will want to enforce an email flow where inbound messages are accepted by Microsoft 365 only when they originate from Email Security. This can be done by adding a connector to only allow email from Email Security with TLS encryption. This step is optional but recommended.
 
 :::caution[Important]
 This step should not be performed until 24 hours after all domains (excluding your `<on_microsoft.com>` domain) in your Microsoft 365 organization have been onboarded to Email Security, and Email Security is their MX record. If a domain has not been onboarded or DNS is still propagating, you will impact production email flow for that domain.
