cloudflare · kodster28 · Apr 8, 2025 · Apr 8, 2025
@@ -12,7 +12,7 @@ You can configure WARP client settings to work alongside existing infrastructure
 
 :::note[Managed deployments]
 
-If you are deploying [WARP with device management software](/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/), we recommend only supplying `organization` in your [deployment parameters](/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/parameters/) and managing all other settings via the dashboard. Any settings you configure on the dashboard will be overridden by the local policy deployed by your management software. To ensure dashboard settings are applied as intended, remove the corresponding parameters from your managed deployment configuration. 
+If you are deploying [WARP with device management software](/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/), we recommend only supplying `organization` in your [deployment parameters](/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/parameters/) and managing all other settings via the dashboard. Any settings you configure on the dashboard will be overridden by the local policy deployed by your management software. To ensure dashboard settings are applied as intended, remove the corresponding parameters from your managed deployment configuration.
 :::
 
 <DirectoryListing />
@@ -84,7 +84,7 @@ To configure per-app VPN:
 2. Go to **Devices** > **Configuration Policies** > select **+ New**.
 3. Under **Options**, select **VPN**. Then:
    - Give the VPN a **Connection Name**.
-   - Select *Per-App VPN* from the **VPN Type** dropdown menu. 
+   - Select *Per-App VPN* from the **VPN Type** dropdown menu.
    - Check the box for **Automatically start Per-App VPN connection**.
 4. Under Per-App VPN Connection Type, set the **Connection Type** to _Custom SSL_ via the dropdown menu. Then, enter `com.cloudflare.cloudflareoneagent` as the **Identifier**,  `1.1.1.1` as the **Server**, and `com.cloudflare.cloudflareoneagent.worker` as the **Provider Bundle Identifier**.
 5. Set the **Provider Type** to _Packet-Tunnel_ and select the checkboxes for **Include All Networks** and **Enable VPN on Demand**.

@@ -149,10 +149,10 @@ The device failed to present a [valid mTLS certificate](/cloudflare-one/connecti
 A router, firewall, antivirus software, or other third-party security product is blocking UDP on the WARP ports.
 
 ### Resolution
- 
+
 1. Configure the third-party security product to allow the [WARP ingress IPs and ports](/cloudflare-one/connections/connect-devices/warp/deployment/firewall/#warp-ingress-ip).
 2. Ensure that your Internet router is working properly and try rebooting the router.
-3. Check that the device is not revoked by going to **My team** > **Devices**. 
+3. Check that the device is not revoked by going to **My team** > **Devices**.
 
 ## CF\_HOST\_UNREACHABLE\_CHECK
 

@@ -27,7 +27,7 @@ To configure allow policies:
            - **Regular expressions**: Must be valid Java expressions. Regular expressions are matched with fields related to the sender email address (envelope from, header from, reply-to), the originating IP address, and the server name for the email.
      - **(Recommended) Sender verification**: This option enforces DMARC, SPF, or DKIM authentication. If you choose to enable this option, Email Security will only honor policies that pass authentication.
        - **Notes**: Provide additional information about your allow policy.
-   - **Uploading an allow policy**: Upload a file no larger than 150 KB. The file can only contain `Pattern`, `Notes`, `Verify Email`, `Trusted Sender`, `Exempt Recipient` and `Acceptable Sender` fields. The first row must be a header row. 
+   - **Uploading an allow policy**: Upload a file no larger than 150 KB. The file can only contain `Pattern`, `Notes`, `Verify Email`, `Trusted Sender`, `Exempt Recipient` and `Acceptable Sender` fields. The first row must be a header row.
 6. Select **Save**.
 
 ## Export allow policies

@@ -23,7 +23,7 @@ To configure blocked senders:
          - **Notes**: Provide additional information about the blocked sender policy.
    - **Upload blocked sender list**: Upload a file no larger than 150 KB. The file cannot can only contain `Blocked_Sender` and `Notes` fields. The first row must be a header row.
 6. Select **Save**.
-   
+
 ## Export blocked senders
 
 To export a list of blocked senders:

@@ -58,7 +58,7 @@ To edit users from other integrations:
 
 :::note
 
-Adiministrators can remove users who belong to the Email Security directory from the **Impersonation registry**. Users who come from an integrated directory cannot be removed from the **Impersonation registry** directly. 
+Adiministrators can remove users who belong to the Email Security directory from the **Impersonation registry**. Users who come from an integrated directory cannot be removed from the **Impersonation registry** directly.
 
 To remove a user from an integrated directory:
 

@@ -20,7 +20,7 @@ To configure a trusted domain:
        * **Proximity domain**: Domains with similar spelling to your existing domain.
        * **Recent domain**: Domains created recently.
      * **Notes**: Provide additional information about the trusted domain list.
-   - **Upload trusted domain list**: You can upload a file no larger than 150 KB of multiple trusted domains. The file can only contain `Domain`, `Notes`, `Proximity` and `Recent` fields. The first row must be a header row. 
+   - **Upload trusted domain list**: You can upload a file no larger than 150 KB of multiple trusted domains. The file can only contain `Domain`, `Notes`, `Proximity` and `Recent` fields. The first row must be a header row.
 6. Select **Save**.
 
 ## Export trusted domains

@@ -23,7 +23,7 @@ To modify or delete users:
 To manually add a user to the Email Security directory:
 
 1. Go to **Settings** > **Impersonation registry**.
-2. Select **Add a user**: 
+2. Select **Add a user**:
   - Choose **Manual input** as the **Input method**.
   - Under **User info**, enter the **Display name**.
   - Under **User email**, enter the **Email addresses**.

@@ -5,13 +5,13 @@ sidebar:
   order: 3
 ---
 
-Email Security allows you to view and manage your groups directory and their [impersonation registry](/cloudflare-one/email-security/detection-settings/impersonation-registry/). When a group is added to the registry, all members are registered by default. 
+Email Security allows you to view and manage your groups directory and their [impersonation registry](/cloudflare-one/email-security/detection-settings/impersonation-registry/). When a group is added to the registry, all members are registered by default.
 
 To manage your group directory, go to your directory and select **Groups**.
 
 ## Add groups to registry
 
-Email Security allows you to add group names to the registry. 
+Email Security allows you to add group names to the registry.
 
 To add a single group to the registry:
 
@@ -26,7 +26,7 @@ To add multiple groups to the registry at once:
 
 ## Remove groups from registry
 
-Email Security allows you to remove group names from the registry. 
+Email Security allows you to remove group names from the registry.
 
 To remove a single group from the registry:
 

@@ -24,7 +24,7 @@ To add multiple users to the registry at once:
 
 ## Remove users from registry
 
-Email Security allows you to remove users from the registry. 
+Email Security allows you to remove users from the registry.
 
 To remove a single user from the registry:
 
@@ -41,7 +41,7 @@ To remove multiple users from the registry at once:
 
 To edit a user in the Microsoft directory:
 
-1. Under **Display name**, select the user you want to edit. 
+1. Under **Display name**, select the user you want to edit.
 2. Select **Edit**: Enter a **Secondary email**.
 3. Select **Save**.
 

@@ -17,7 +17,7 @@ To monitor your inbox:
 
 1. Log in to [Zero Trust](https://one.dash.cloudflare.com/).
 2. Select **Email Security**.
-3. Under **Email Security**, select **Monitoring**. 
+3. Under **Email Security**, select **Monitoring**.
 
 The dashboard will display the following metrics:
 
@@ -59,7 +59,7 @@ Detection details displays information about:
 - **Spoof** disposition:
    * **Spoof users (impersonated names)**: Top number of impersonated names, and their number relative to the total number of detection received.
    * **Spoof targets**: Top number of targeted emails.
-   * **Sender v. envelope mismatch**: This field indicates the number of mismatches between the email address the message was sent from, and the email address the message was _actually_ sent from. 
+   * **Sender v. envelope mismatch**: This field indicates the number of mismatches between the email address the message was sent from, and the email address the message was _actually_ sent from.
 
 ## Impersonations
 

@@ -79,7 +79,7 @@ Reclassifying messages allows you to choose the disposition of your messages if
 To reclassify a message:
 
 1. On the **Investigation** page, under **Your matching messages**, select the message you want to reclassify.
-2. Select the three dots, then select **Reclassify**. 
+2. Select the three dots, then select **Reclassify**.
 3. Under **New disposition**, select among the following:
    * **Malicious**: Traffic invoked multiple phishing verdict triggers, met thresholds for bad behavior, and is associated with active campaigns.
    * **Spoof**: Traffic associated with phishing campaigns that is either non-compliant with your email authentication policies (SPF, DKIM, DMARC) or has mismatching Envelope From and `Header From` values.
@@ -186,7 +186,7 @@ To view status and actions for each email:
 
 1. On the **Investigation** page, select the three dots.
 2. Selecting the three dots will show you the following options:
-   - If the email is quarantined: 
+   - If the email is quarantined:
       - **View details**: Refer to [Email details](/cloudflare-one/email-security/email-monitoring/search-email/#email-details) to learn more.
       - **View similar emails**: Find similar emails based on the `value_edf_hash` (Electronic Detection Fingerprint hash).
       - **Release**: Email Security will no longer quarantine your chosen messages.
@@ -244,7 +244,7 @@ To open links in Browser Isolation:
 You may receive a HTTP 400 Bad Request Error when opening a link in Browser Isolation. Follow these steps if you encounter this problem:
 
 1. In [Zero Trust](https://one.dash.cloudflare.com/), select **Settings**.
-2. Select **Browser Isolation**, then enable **Clientless Web Isolation**. 
+2. Select **Browser Isolation**, then enable **Clientless Web Isolation**.
 
 If you still receive a 400 Bad Request error after enabling Clientless Web Isolation:
 

@@ -76,7 +76,7 @@ To set up DLP Assist add-in:
     - Select **Upload manifest file (.xml) from device**.
     - Upload the Cloudflare add-in file you downloaded in step three. Then, verify and complete the wizard. It can take up to 24 hours for an add-in to propagate.
 
-The add-in works by inserting headers into the [EML](https://en.wikipedia.org/wiki/EML) on the client side before the message is sent out. 
+The add-in works by inserting headers into the [EML](https://en.wikipedia.org/wiki/EML) on the client side before the message is sent out.
 
 To block, encrypt, or send approval, you can configure rules within Microsoft Purview DLP:
 
@@ -100,7 +100,7 @@ To block, encrypt, or send approval, you can configure rules within Microsoft Pu
 
 ## Set up DLP profiles
 
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Email Security** > **Outbound DLP**. 
+1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Email Security** > **Outbound DLP**.
 2. Select **Add a policy**:
     - **Name your policy**.
     - **Build an expression**.

@@ -76,6 +76,6 @@ If you select the three dots, you can:
   - **Overview**: An Overview of the report. This includes date and time of the report, type of attack performed, and more.
   - **Target and victimology**: Company targeted.
   - **Details**: Displays information such as delivery disposition, current disposition, ES Alert ID, Message-ID, Timestamp, Subject, and Attempted Fraudulent Amount.
-  - **Indicators of compromise (IOC)**: [Indicators of compromise (IOC)](https://www.cloudflare.com/en-gb/learning/security/what-are-indicators-of-compromise/) are information about a specific security breach that can help security teams determine if an attack has taken place. 
+  - **Indicators of compromise (IOC)**: [Indicators of compromise (IOC)](https://www.cloudflare.com/en-gb/learning/security/what-are-indicators-of-compromise/) are information about a specific security breach that can help security teams determine if an attack has taken place.
 - Preview email.
 - [Move email](/cloudflare-one/email-security/auto-moves/).
@@ -26,7 +26,7 @@ There are three routes you can use to report an email as a phish:
 
 ## PhishNet O365
 
-PhishNet is an add-in button that helps users to submit directly to Email Security <GlossaryTooltip term="phishing">phish</GlossaryTooltip> samples missed by Email Security's detection. 
+PhishNet is an add-in button that helps users to submit directly to Email Security <GlossaryTooltip term="phishing">phish</GlossaryTooltip> samples missed by Email Security's detection.
 
 To set up PhishNet O365:
 
@@ -47,7 +47,7 @@ To set up PhishNet with Google Workspace you need admin access to your Google Wo
 1. Log in to [Google Workspace Marketplace apps](https://workspace.google.com/marketplace/app/cloudflare_phishnet/11369379045) using this direct link and an administrator account.
 2. Select **Admin install** to install Cloudflare PhishNet. Read the warning, and select **Continue**.
 3. You will be redirected to the **Allow data access** page, where you can choose to install Cloudflare PhishNet for **Everyone at your organization**, or **Certain groups or organizational units**. If you choose the latter option, you will have to select the users in the next step.
-4. After choosing the groups you want to install PhishNet for, agree with Google's terms of service, and select **Finish**. 
+4. After choosing the groups you want to install PhishNet for, agree with Google's terms of service, and select **Finish**.
 5. Cloudflare PhishNet has been installed. Select **DONE**.
 
 You have now successfully installed Cloudflare PhishNet.

@@ -45,10 +45,10 @@ On the **Set up Email Security** page, you will be able to connect your domains.
 
 1. **Connect domains**: Select at least one domain. Then, select **Continue**.
 2. (**Optional**, select **Skip for now** to skip this step) **Configure auto-move**: Refer to [Auto-moves](/cloudflare-one/email-security/auto-moves/) to configure auto-moves.
-3. **Review details**: Review your connected domains, then select **Go to domains**. 
+3. **Review details**: Review your connected domains, then select **Go to domains**.
 
 Your domains are now connected successfully.
- 
+
 ### Connect new domains
 
 To connect new domains:

@@ -6,7 +6,7 @@ sidebar:
 head:
   - tag: title
     content: Setup phishing risk assessment for Microsoft Exchange with Email
-      Security 
+      Security
 
 ---
 
@@ -68,7 +68,7 @@ For customers using Microsoft Exchange, setting up Email Security via BCC is qui
 
 :::note
 
-If you have multiple rules, you may need to change the order of the BCC rule and move it to the right location in your rule sequence. This is needed so you can send BCC messages to Email Security. Usually, the Email Security BCC rule will be at the top of the ruleset. The configured conditions of the Email Security BCC rule will only trigger for inbound messages. 
+If you have multiple rules, you may need to change the order of the BCC rule and move it to the right location in your rule sequence. This is needed so you can send BCC messages to Email Security. Usually, the Email Security BCC rule will be at the top of the ruleset. The configured conditions of the Email Security BCC rule will only trigger for inbound messages.
 :::
 
 ## Email processing and reports

@@ -14,11 +14,11 @@ On the **Set up Email Security** page:
 3. (**Optional**) **Adjust hop count**: Enter the number of <GlossaryTooltip term="Hops">hops</GlossaryTooltip>. Then, select **Continue**.
 4. (**Optional**, select **Skip for now** to skip this step) **Move messages**: Refer to [Auto-moves](/cloudflare-one/email-security/auto-moves/) to configure auto-moves. Then, select **Continue**.
 5. **Configure service address with your third party email provider**: Copy and paste the service address into your third-party email provider to allow BCC/Journaling: `<account tag>@CF-emailsecurity.com`.
-6. **Review details**: Review your connected domains. Then, select **Go to domains.** 
+6. **Review details**: Review your connected domains. Then, select **Go to domains.**
 
 Your domains are now added successfully.
 
-On the **Domains** page, select the three dots > **View integration**. The dashboard will display your [domain information](/cloudflare-one/email-security/reference/domain-information/). 
+On the **Domains** page, select the three dots > **View integration**. The dashboard will display your [domain information](/cloudflare-one/email-security/reference/domain-information/).
 
 Under **Source**, the dashboard will display **Google integration**, along with the **Integration name**.
 
@@ -31,7 +31,7 @@ To add additional domains:
 3. **Connect domains**: Select the domains you want to add, then select **Next**.
 4. (Optional) Select **Add manual domains**: Enter additional domains manually, then select **Next**.
 5. (Optional) Select **Adjust hop count**: Enter the number of <GlossaryTooltip term="Hops">hops</GlossaryTooltip>.
-6. **Review details**: Review your selected domains, then use the following email to configure the service address with your third-party email provider:    
+6. **Review details**: Review your selected domains, then use the following email to configure the service address with your third-party email provider:
       ```txt
       <account tag>@CF-emailsecurity.com
       ```

@@ -65,7 +65,7 @@ Enter the email associated with the Google Workspace Administrator account. Your
 ### 8. Create integration
 
 1. Select **Create integration**.
-2. Once you created your integration, you will be redirected to the **Review details** page, where you will be able to review **Integration details**. 
+2. Once you created your integration, you will be redirected to the **Review details** page, where you will be able to review **Integration details**.
 3. Review your details, then select **Complete Email Security set up** > **Continue to Email Security**.
 
 ## Verify integration

@@ -6,7 +6,7 @@ sidebar:
 ---
 
 
-For customers using Gmail as their email provider, setting up Email Security is quick and easy. 
+For customers using Gmail as their email provider, setting up Email Security is quick and easy.
 
 You will need to [enable Gmail BCC on the Zero Trust dashboard](/cloudflare-one/email-security/setup/post-delivery-deployment/bcc-journaling/bcc-setup/gmail-bcc-setup/enable-gmail-integration/), [create an integration](/cloudflare-one/email-security/setup/post-delivery-deployment/bcc-journaling/bcc-setup/gmail-bcc-setup/enable-gmail-integration/), [add BCC rules](/cloudflare-one/email-security/setup/post-delivery-deployment/bcc-journaling/bcc-setup/gmail-bcc-setup/add-bcc-rules/), and [connect your domain(s)](/cloudflare-one/email-security/setup/post-delivery-deployment/bcc-journaling/bcc-setup/gmail-bcc-setup/connect-domains/). You can choose to [add additional domains](/cloudflare-one/email-security/setup/post-delivery-deployment/bcc-journaling/bcc-setup/gmail-bcc-setup/connect-domains/) at a later stage.
-Original file line number
+Diff line change
@@ Expand Up / @@ -58,7 +58,7 @@ To edit users from other integrations: @@
     :::note
-    Adiministrators can remove users who belong to the Email Security directory from the **Impersonation registry**. Users who come from an integrated directory cannot be removed from the **Impersonation registry** directly.
+    Adiministrators can remove users who belong to the Email Security directory from the **Impersonation registry**. Users who come from an integrated directory cannot be removed from the **Impersonation registry** directly.
     To remove a user from an integrated directory:
@@ Expand Down @@