-
Notifications
You must be signed in to change notification settings - Fork 10.4k
[Email Security] BCC/ Journaling deployment #17163
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from 8 commits
Commits
Show all changes
10 commits
Select commit
Hold shift + click to select a range
ab2a8aa
[Email Security] BCC/ Journaling deployment
Maddy-Cloudflare 293af22
Merge branch 'production' into maddy/pcx-13639-es
Maddy-Cloudflare 3d4c850
Update deployment titles
Maddy-Cloudflare 8263e6e
Adding redirects
Maddy-Cloudflare 01290f8
Fixing redirects
Maddy-Cloudflare 3745fd4
Fixing redirects
Maddy-Cloudflare 20e3afc
Updating diagrams + glossary
Maddy-Cloudflare 71f7602
Various fixes
Maddy-Cloudflare 7d64940
Apply suggestions from code review
Maddy-Cloudflare 4622dc1
[CF1 Email Security] Adding setup page
Maddy-Cloudflare File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Binary file added
BIN
+29.8 KB
...ssets/images/email-security/deployment/api-setup/exchange/bcc-exchange-flow.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file removed
BIN
-27.4 KB
...ssets/images/email-security/deployment/api-setup/exchange/exchange-bcc-flow.png
Binary file not shown.
Binary file added
BIN
+39.9 KB
...ity/deployment/api-setup/journaling/CF_Email_Security_DeploymentAPI_Diagram.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+14.7 KB
...ity/deployment/api-setup/journaling/Email_Security_MS365_Journaling_Diagram.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
10 changes: 10 additions & 0 deletions
10
src/content/docs/cloudflare-one/email-security/reference/domain-information.mdx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| --- | ||
| title: Information about your domain | ||
| pcx_content_type: concept | ||
| sidebar: | ||
| order: 1 | ||
| --- | ||
|
|
||
| import { GlossaryTooltip, Render } from "~/components" | ||
|
|
||
| <Render file="email-security/domain-information" /> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
76 changes: 76 additions & 0 deletions
76
...up/post-delivery-deployment/bcc-journaling/bcc-setup/bcc-microsoft-exchange.mdx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,76 @@ | ||
| --- | ||
| title: Microsoft Exchange BCC setup | ||
| pcx_content_type: integration-guide | ||
| sidebar: | ||
| order: 2 | ||
| head: | ||
| - tag: title | ||
| content: Setup phishing risk assessment for Microsoft Exchange with Email | ||
| Security | ||
|
|
||
| --- | ||
|
|
||
| import { GlossaryTooltip, Render } from "~/components" | ||
|
|
||
| For customers using Microsoft Exchange, setting up Email Security via BCC is quick and easy. You need to configure an inbound rule to send emails to Email Security via BCC for processing and detection of potential <GlossaryTooltip term="phishing">phishing</GlossaryTooltip> attacks. The following email flow shows how this works: | ||
|
|
||
|  | ||
|
|
||
| ## Configure Inbound Rule | ||
|
|
||
| 1. Access Exchange's **Management Console**, and go to **Organization Configuration** > **Hub Transport**. | ||
|
|
||
|  | ||
|
|
||
| 2. On the **Actions** pane, select **New Transport Rule**. | ||
|
|
||
| 3. Give the transport rule a name and a description and select **Next**. | ||
|
|
||
|  | ||
|
|
||
| 4. In the **Condition** configuration panel, select the option **from users that are inside or outside the organization** option. In the dropdown that opens, select **Outside the organization**. | ||
|
|
||
|  | ||
|
|
||
| 5. Still in the same **Condition** configuration panel, add a second condition to the transport rule. Select **sent to users that are inside or outside the organization, or partners**. Keep the default value of **Inside the organization**. | ||
|
|
||
|  | ||
|
|
||
| 6. Select **Next**. | ||
|
|
||
| 7. In the **Action** configuration panel, select **Blind carbon copy (Bcc) the message to addresses**. Edit the **addresses** variable to add the addresses you want to copy as BCC. | ||
|
|
||
|  | ||
|
|
||
| 8. In **Specify Recipient**, select the **down arrow** next to the **Add** button > **External E-Mail Address**. | ||
|
|
||
|  | ||
|
|
||
| 9. Enter the BCC address provided by Email Security. This address is specific to your account. | ||
|
|
||
|  | ||
|
|
||
| 10. Select **OK** > **OK** to return to the main configuration page of the transport rule. | ||
|
|
||
| 11. At the main configuration page of the transport rule, select **Next** to continue to the Exception configuration panel. | ||
|
|
||
| 12. You do not need to configure an exception rule. Select **Next**. | ||
|
|
||
|  | ||
|
|
||
| 13. In **Create Rule**, select the **New** button. | ||
|
|
||
|  | ||
|
|
||
| 14. Select **Finish** to close the transport rule configuration panel. This will return you to the Exchange Management Console. | ||
|
|
||
|  | ||
|
|
||
| :::note | ||
|
|
||
| If you have multiple rules, you may need to change the order of the BCC rule and move it to the right location in your rule sequence. This is needed so you can send BCC messages to Email Security. Usually, the Email Security BCC rule will be at the top of the ruleset. The configured conditions of the Email Security BCC rule will only trigger for inbound messages. | ||
| ::: | ||
|
|
||
| ## Email processing and reports | ||
|
|
||
| In BCC mode, all emails are put through automated phishing detections by Email Security. Emails that trigger phishing detections are logged for reporting via product portal, email and Slack. Emails that do not trigger any detections are deleted. |
13 changes: 13 additions & 0 deletions
13
...mail-security/setup/post-delivery-deployment/bcc-journaling/bcc-setup/index.mdx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| --- | ||
| title: BCC setup | ||
| pcx_content_type: navigation | ||
| sidebar: | ||
| order: 1 | ||
| group: | ||
| hideIndex: true | ||
| --- | ||
|
|
||
| import { DirectoryListing } from "~/components" | ||
|
|
||
|
|
||
| <DirectoryListing /> |
13 changes: 13 additions & 0 deletions
13
...lare-one/email-security/setup/post-delivery-deployment/bcc-journaling/index.mdx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| --- | ||
| title: BCC/Journaling | ||
| pcx_content_type: concept | ||
| sidebar: | ||
| order: 1 | ||
| group: | ||
| hideIndex: true | ||
| --- | ||
|
|
||
| BCC/Journaling deployment is a post-delivery type of deployment. Every time you receive an email, your email provider will send a blind copy to Cloudflare for an analysis. | ||
|
|
||
|
|
||
|  |
13 changes: 13 additions & 0 deletions
13
...curity/setup/post-delivery-deployment/bcc-journaling/journaling-setup/index.mdx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| --- | ||
| title: Journaling setup | ||
| pcx_content_type: navigation | ||
| sidebar: | ||
| order: 1 | ||
| group: | ||
| hideIndex: true | ||
| --- | ||
|
|
||
| import { DirectoryListing } from "~/components" | ||
|
|
||
|
|
||
| <DirectoryListing /> |
35 changes: 35 additions & 0 deletions
35
...tup/post-delivery-deployment/bcc-journaling/journaling-setup/manage-domains.mdx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| --- | ||
| title: Manage domains | ||
| sidebar: | ||
| order: 4 | ||
| --- | ||
|
|
||
| ## Filter domains | ||
|
|
||
| To filter your domains: | ||
|
|
||
| 1. Select **Settings**. | ||
| 2. Select **Configured method** and/or **Status**: | ||
| * If you select **Configured method**, choose among the following: | ||
| * **All**: To view all the domains. | ||
| * **MS Graph API**: To view domains connected via MS Graph API. | ||
| * **BCC/Journaling**: To view domains connected via BCC/Journaling. | ||
| * If you select **Status**, choose among the following: | ||
| * **All**: To view Active and No mail flow domains. | ||
| * **Active**: To view active domains. A domain is active when the connection is running, and Email Security is able to scan email messages. | ||
| * **No mail flow**: To view no mail flow domains. A domain has a "No mail flow" status when no mail flow is detected. You may not have any email traffic or your BCC/Journaling configuration is incomplete. | ||
|
|
||
| ## Edit domains | ||
|
|
||
| To edit your domains: | ||
|
|
||
| 1. On the **Domains** page, locate your domain, select the three dots > **Edit**. | ||
| 2. If you did not manually add your domain, you will only be able to edit **Hops**. If you manually added your domain, you will be able to edit **Domain name** and **Hops**. | ||
| 3. Select **Save**. | ||
|
|
||
| ## Prevent Cloudflare from scanning a domain | ||
|
|
||
| To unscan domains: | ||
|
|
||
| 1. On the **Domains** page, locate your domain, select the three dots > **Unscan**. | ||
| 2. Select **Unscan** again to stop Cloudflare from scanning your domain. |
48 changes: 48 additions & 0 deletions
48
...y/setup/post-delivery-deployment/bcc-journaling/journaling-setup/manual-add.mdx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,48 @@ | ||
| --- | ||
| title: Manually add domains | ||
| sidebar: | ||
| order: 3 | ||
| --- | ||
|
|
||
| import { GlossaryTooltip } from "~/components" | ||
|
|
||
| To manually add domains: | ||
|
|
||
| 1. Log in to [Zero Trust](https://one.dash.cloudflare.com/). | ||
| 2. Select **Zero Trust**. | ||
| 3. Select **Email Security**. | ||
| 4. Select **Monitoring**: If you have not purchased Email Security, select **Contact Sales**. Otherwise, select **Connect a domain**. | ||
| 5. Select **BCC/Journaling**. | ||
| 6. Select **Manual add**. | ||
|
|
||
| ## Users with domains on Cloudflare | ||
|
|
||
| On the **Set up Email Security** page: | ||
|
|
||
| 1. **Connect domains**: Select at least one domain. Then, select **Continue**. | ||
| 2. (**Optional**) **Add manual domains**: Manually enter additional domains. Then, select **Continue**. | ||
| 3. (**Optional**) **Adjust hop count**: Enter the number of <GlossaryTooltip term="Hops">hops</GlossaryTooltip>, and then select **Continue**. | ||
| 4. **Configure service address with your third party email provider**: Copy and paste the service address into your third party email provider to allow BCC/Journaling: `<account tag>@CF-emailsecurity.com` | ||
| 5. **Review details**: Review your connected domains. Then, select **Go to domains.** | ||
|
|
||
| ## Users who do not have domains with Cloudflare | ||
|
|
||
| If you do not have domains with Cloudflare, the dashboard will display two options: | ||
|
|
||
| * Add a domain to Cloudflare. | ||
| * Enter domain manually. | ||
|
|
||
| ### Add a domain to Cloudflare | ||
|
|
||
| Selecting **Add a domain to Cloudflare** will redirect you to a new page where you will connect your domain to Cloudflare. Once you have entered an existing domain, select **Continue**. | ||
|
|
||
|
|
||
| ### Enter domain manually | ||
|
|
||
| On the **Set up Email Security** page: | ||
|
|
||
| 1. **Connect domains**: Select at least one domain. Then, select **Continue**. | ||
| 2. (**Optional**) **Add manual domains**: Manually enter additional domains. Then, select **Continue**. | ||
| 3. (**Optional**) **Adjust hop count**: Enter the number of <GlossaryTooltip term="Hops">hops</GlossaryTooltip>, and then select **Continue**. | ||
| 4. **Configure service address with your third party email provider**: Copy and paste the service address into your third party email provider to allow BCC/Journaling: `<account tag>@CF-emailsecurity.com`. | ||
Maddy-Cloudflare marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
| 5. **Review details**: Review your connected domains. Then, select **Go to domains.** | ||
54 changes: 54 additions & 0 deletions
54
...st-delivery-deployment/bcc-journaling/journaling-setup/office365-journaling.mdx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,54 @@ | ||
| --- | ||
| title: Office 365 journaling setup | ||
| pcx_content_type: how-to | ||
| sidebar: | ||
| order: 2 | ||
| --- | ||
|
|
||
| import { GlossaryTooltip } from "~/components" | ||
|
|
||
| When you receive an email, the email lands on your Microsoft O365 inbox, and then Email Security receives a copy of that email. The following email flow shows how this works: | ||
|
|
||
|  | ||
|
|
||
| To enable Microsoft 365 journaling deployment: | ||
|
|
||
| 1. Log in to [Zero Trust](https://one.dash.cloudflare.com/). | ||
| 2. Select **Zero Trust**. | ||
| 3. Select **Email Security**. | ||
| 4. Select **Monitoring**: If you have not purchased Email Security, select **Contact Sales**. Otherwise, select **Connect a domain**. | ||
| 5. Select **BCC/Journaling**. | ||
| 6. Select **Integrate with MS** > Select **Authorize**. | ||
Maddy-Cloudflare marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
|
|
||
| ## Integrate with Microsoft O365 | ||
|
|
||
| To integrate with Microsoft O365: | ||
|
|
||
| 1. **Name integration**: Add your integration name, then select **Continue**. | ||
| 2. **Authorize integration**: | ||
| - Select **Authorize**. Selecting **Authorize** will take you to the **Microsoft Sign in** page where you will have to enter your email address. | ||
| - Once you enter your email address, select **Next**. | ||
| - After selecting **Next**, the dashboard will show you a dialog box with a list of requested permissions. Select **Accept to authorize Email Security**. Upon authorization, you will be redirected to a page where you can review details and enroll integration. | ||
Maddy-Cloudflare marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
| 3. **Review details**: Review your integration details, then: | ||
| - Select **Complete Email Security set up** where you will be able to connect your domains and configure auto-moves. | ||
| - Select **Continue to Email Security**. | ||
|
|
||
| Continue with [**Connect your domains**](/cloudflare-one/email-security/setup/post-delivery-deployment/bcc-journaling/journaling-setup/office365-journaling/#connect-your-domains) for the next steps. | ||
|
|
||
| ### Connect your domains | ||
|
|
||
| On the **Set up Email Security** page: | ||
|
|
||
| 1. **Connect domains**: Select at least one domain. Then, select **Continue**. | ||
| 2. (**Optional**) **Add manual domains**: Select **Add domain name** to manually enter additional domains. Then, select **Continue**. | ||
| 3. (**Optional**) **Adjust hop count**: Enter the number of <GlossaryTooltip term="Hops">hops</GlossaryTooltip>. Then, select **Continue**. | ||
| 4. (**Optional**, select **Skip for now** to skip this step) **Move messages**: Refer to [Auto-moves](/cloudflare-one/email-security/auto-moves/) to configure auto-moves. Then, select **Continue**. | ||
| 5. **Configure service address with your third party email provider**: Copy and paste the service address into your third party email provider to allow BCC/Journaling: `<account tag>@CF-emailsecurity.com`. | ||
Maddy-Cloudflare marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
| 6. **Review details**: Review your connected domains. Then, select **Go to domains.** | ||
|
|
||
| Your domains are now added successfully. | ||
|
|
||
| To view your connected domains: | ||
|
|
||
| 1. Go to **Settings**. | ||
| 2. Locate your domain, select the three dots > **View domain**. Selecting **View domain** will display information about your domain. | ||
12 changes: 12 additions & 0 deletions
12
...ent/docs/cloudflare-one/email-security/setup/post-delivery-deployment/index.mdx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| --- | ||
| title: Post-delivery deployment | ||
| pcx_content_type: navigation | ||
| sidebar: | ||
| order: 1 | ||
| group: | ||
| hideIndex: true | ||
| --- | ||
|
|
||
| import { DirectoryListing } from "~/components" | ||
|
|
||
| <DirectoryListing /> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
8 changes: 8 additions & 0 deletions
8
src/content/partials/cloudflare-one/email-security/domain-information.mdx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| - **Domain**: Domain name. | ||
| - **Configured method**: The deployment method you used to configure your domain. | ||
| - **Status**: Status indicates the state of the configuration. If the dashboard displays `No mail flow`, you may have to connect a domain to scan. | ||
| - **Service address**: This is the email address you will use to send a copy of your email. | ||
| - **Source**: Depending on how you added the domains, the dashboard will display **MS integration**, **CF zones**, or **Manual add**. | ||
| - **Integration name**: Name of the integration. This field will only be displayed for Microsoft integrations. | ||
| - **Hops**: The number of hops. This will not be displayed if the configuration method is Microsoft Graph API. Hop count will be visible only if it has been configured. | ||
| - **Date added**: Date when the domain was added. |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.