Cloudflare Docs

Area 1 Email Security

Cloudflare Docs

Area 1 Email Security

Overview
Setup
Inline

Setup

Office 365 - Area 1 as MX Record

Use cases

1 - Junk email and Area 1 Admin Quarantine
2 - Junk email and user managed quarantine
3 - Junk email and administrative quarantine
4 - User managed quarantine and administrative quarantine
5 - Junk email folder and administrative quarantine

Google Workspace - Area 1 as MX Record
Cisco - Area 1 as MX Record
Cisco - Cisco as MX record

Reference

Egress IPs

API

Setup

Gmail BCC setup
Exchange BCC setup
Office 365 journaling setup
Office 365 Graph API setup
Account setup
Manage account members
Escalation contacts
Manage parent permissions
SSO integration

Generic SSO guide
Okta guide
Azure guide

Permissions
Email configuration
Domains and routing

Domains
Alert Webhooks
Partner Domains TLS

Email policies

Text add-ons
Link actions

Allow and block lists

Allowed patterns
Trusted domains
Block lists

Enhanced detections

Business email compromise (BEC)

Office 365 directory integration
Google Workspaces directory integration

Added Detections

Retract settings

Gmail retraction
Office 365 retraction

Phish submissions

PhishNet for Office 365
PhishNet for Google Workspace

Admin Quarantine
Reporting
Search

Available parameters

Phish reports
SIEM integration

KnowBe4
LogScale
Splunk
Sumo Logic

Audit Logs
Statistics overview
Types of malicious detections
API
Service accounts
Channel and Alliance Partners
Reference
How we detect phish
Dispositions and attributes
Language support
Cloudflare SSO

Added Detections

With Added Detections, you can manage various configurations applied at the time of analyzing email traffic.

These settings apply particularly to trusted business partners that your organization may do business with (vendors, external providers, and more).

Available configurations

Feature	Description
Malicious Domain Age	Controls the threshold for a Malicious disposition based on domain age. Maximum of 120 days.
Suspicious Domain Age	Controls the threshold for a Suspicious disposition based on domain age. Maximum of 120 days.
Encrypted Attachment Scanning	Auto-scan encrypted attachments to detect sophisticated malware campaigns.
Anti-Spam Engine	Detect bulk emails or unsolicited commercial emails and marks them with a Bulk disposition.
Active Fraud Prevention	Inspect and assess new domain traffic that could be launched from third-party partners or similar organizations.

Access Added Detections

To access Added Detections and potentially adjust your settings:

Log in to the Area 1 dashboard.
Go to Settings (the gear icon).
On Email Configuration, go to Enhanced Detections > Added Detections.

From this view, you can adjust various configurations.