Cloudflare Docs
Area 1 Email Security
Visit Area 1 Email Security on GitHub
Set theme to dark (⇧+D)

Microsoft Office 365 BCC setup with Area 1

For customers using Microsoft Office 365, setting up a phishing risk assessment with Area 1 via a BCC setup is quick and easy. You need to configure an inbound rule to send emails to Area 1 via BCC for processing and detection of potential phishing attacks. The following email flow shows how this works:

Email flow when setting up a phishing assessment risk for Office 365 with Area 1.

​​ Configure Inbound Rule

  1. Access Exchange’s Management Console, and go to Organization Configuration > Hub Transport.

    Access Hub transport

  2. On the Actions pane, select New Transport Rule.

  3. Give the transport rule a name and a description and select Next.

    Give transport rule a name and description

  4. In the Condition configuration panel, select the option from users that are inside or outside the organization option. In the dropdown that opens, select Outside the organization.

    Select scope of transport rule

  5. Still in the same Condition configuration panel, add a second condition to the transport rule. Select sent to users that are inside or outside the organization, or partners. Keep the default value of Inside the organization.

    Select where to send emails

  6. Select Next.

  7. In the Action configuration panel, select Blind carbon copy (Bcc) the message to addresses. Edit the addresses variable to add the addresses you want to copy as BCC.

    Select BCC and edit email addresses

  8. In Specify Recipient, select the down arrow next to the Add button > External E-Mail Address.

    Select external e-mail address

  9. Enter the BCC address provided by Area 1. This address is specific to your account.

    Enter the BCC address provided by Area 1

  10. Select OK > OK to return to the main configuration page of the transport rule.

  11. At the main configuration page of the transport rule, select Next to continue to the Exception configuration panel.

  12. You do not need to configure an exception rule. Select Next.

    You do not need to configure an exception rule

  13. In Create Rule, select the New button.

    Select the new button

  14. Select Finish to close the transport rule configuration panel. This will return you to the Exchange Management Console.

    Select finish

​​ Email processing and reports

In BCC mode, all emails are put through automated phishing detections by Area 1. Emails that trigger phishing detections are logged for reporting via product portal, email and Slack. Emails that do not trigger any detections are deleted.