Cloudflare Is Taking a Shot at Email Security

Cloudflare, The Internet infrastructure company, already has its fingers in a lot of customer security pots, from DDoS protection to browser isolation to a mobile VPN. Now the company is accepting a classic web enemy: email.

On Monday, Cloudflare announced a pair of email security and safety offerings, which it sees as a first step towards capturing more targeted phishing attacks, reducing the effectiveness of address spoofing and mitigating the fallout if a user clicks on a malicious link . The features that the company will offer for free are mainly aimed at small businesses and business customers. And they’re made for use on top of any email host a customer already has, whether it’s provided by Google’s Gmail, Microsoft 365, Yahoo, or even relics like AOL.

Cloudflare CEO Matthew Prince says that from its inception in 2009, the company very deliberately avoided going near the thorny issue of email. But he adds that email security issues are inexorable, so it has become necessary. “I think what I had assumed is that hosting providers like Google and Microsoft and Yahoo would solve this problem, so we were not sure there was anything for us to do in the space,” Prince says. “But what has become clear over the last two years is that email security is still not a solved issue.”

Prince says Cloudflare employees have been “surprised at how many targeted threats came through Google Workspace,” the company’s email provider. This is not due to lack of progress from Google or the other major providers in terms of anti-spam and anti-malware efforts, he adds. But with so many forms of email threats to deal with at once, strategically crafted phishing messages are still slipping through. So Cloudflare decided to build additional defense tools that both the company itself as well as its customers could use.

On Monday, the company launches two products: Cloudflare Email Routing and Email Security DNS Wizard. The tools let customers place Cloudflare in front of their email hosting provider, which essentially allows Cloudflare to receive and process emails before forwarding them to Microsoft and Google worldwide. This is somewhat similar to Cloudflare’s longstanding role as a “content delivery network” for websites, where the company is a proxy that can serve data or capture malicious activity as web traffic passes through.

Cloudflare Email Routing enables individuals or organizations to manage a fully customized email domain, e.g. @, from a single consumer -email account, e.g. A personal Gmail address. The tool even lets you collect many addresses – [email protected], [email protected] – so they forward them all to a single inbox. In this way, small businesses in particular can get the benefits of a dedicated, customized e-mail domain without having to manage an entire separate platform.

The second tool, Security DNS Wizard, aims to make two email security features available to Cloudflare customers and easy to use. Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) are two tools that are essentially a combination of caller ID and e-mail screening schemes: They aim to reduce e-mail spoofing by creating public records , which must match an email sender information for the message to go through. This significantly reduces how easy it is for attackers to say an email to employees who really seem to be coming from “Cool Business CEO.”

SPF and DKIM have been around for more than a decade, but they are not ubiquitous because they are difficult to create without errors that can result in problems like legitimate emails being lost. Cloudflare’s goal with e-mail security The DNS wizard is to make it easy for users to configure one or the other protection without errors.


Leave a Reply

Your email address will not be published.