Cloudflare Docs

Area 1 Email Security

Cloudflare Docs

Area 1 Email Security

Overview
Setup
Inline
Setup
Office 365 - Area 1 as MX Record
Use cases
1 - Junk email and Area 1 Admin Quarantine
2 - Junk email and user managed quarantine
3 - Junk email and administrative quarantine
4 - User managed quarantine and administrative quarantine
5 - Junk email folder and administrative quarantine
Google Workspace - Area 1 as MX Record
Cisco - Area 1 as MX Record
Cisco - Cisco as MX record
Reference
Egress IPs
API
Setup
Gmail BCC setup
Exchange BCC setup
Office 365 journaling setup
Office 365 Graph API setup
Email Retro Scan
Account setup
Manage account members
Escalation contacts
Manage parent permissions
SSO integration
Generic SSO guide
Okta guide
Azure guide
Cloudflare Access for SaaS
Permissions
Email configuration
Domains and routing
Domains
Alert Webhooks
Partner Domains TLS
Email policies
Text add-ons
Link actions
Allow and block lists
Allowed patterns
Trusted domains
Block lists
Enhanced detections
Business email compromise (BEC)
Office 365 directory integration
Google Workspaces directory integration
Added Detections
Retract settings
Gmail retraction
Office 365 retraction
Phish submissions
KnowBe4
Microsoft Report Message (not compatible)
PhishNet for Google Workspace
PhishNet for Office 365
Admin Quarantine
Reporting
Search
Available parameters
Phish reports
SIEM integration
KnowBe4
LogScale
Splunk
Sumo Logic
Audit Logs
Statistics overview
Types of malicious detections
API
Service accounts
Channel and Alliance Partners
Reference
How we detect phish
Dispositions and attributes
Timestamps
MS Office 365 GCC
Cloudflare SSO
Language support
Glossary

API deployment

When you choose an API deployment for your Area 1 setup, email messages only reach Area 1 after they have already reached a user’s inbox.

Then, through on integrations with your email provider, Area 1 can retract messages based on your organization’s policies.

With API deployment, messages travel through Area 1’s email filter after reaching your users.

Benefits

When you choose API deployment, you get the following benefits:

Easy protection for complex email architectures, without requiring any change to mailflow operations.
Agentless deployment for Microsoft 365 and Gmail.
The initial email protection measures offered by your current email provider.

Limitations

However, API deployment also has the following disadvantages:

Area 1 is dependent on your email provider’s API infrastructure and outages will increase the message dwell time in the inbox.
Area 1 requires read and write access to mailboxes.
Requires API support from your email provider (does not typically support on-premise providers).
Your email provider may throttle API requests from Area 1.
Detection rates may be lower if multiple solutions exist.
Messages cannot be modified or quarantined.
Certain URL rewrite schemes cannot be decoded (for example, Mimecast).

Get started

For help getting started, refer to our setup guides.