> For the complete documentation index, see [llms.txt](https://learn.goodhearttech.org/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://learn.goodhearttech.org/google-workspace/google-workspace-nonprofit-setup/configure-email-protection-settings-in-google-workspace.md). # Configure Email Protection Settings in Google Workspace ## :checkered\_flag: Prerequisites We recommend you complete our two setup guides for Google before configuring the rest of the settings on this page. {% content-ref url="/pages/kMmSxYnPz51WfWUJusTr" %} [Configure Google Workspace for Nonprofit](/google-workspace/google-workspace-nonprofit-setup/configure-google-workspace-for-nonprofit.md) {% endcontent-ref %} ## :envelope: Email Protection Setup #### The following settings should be applied and can be adjusted based on your organization's needs. ### Gmail Safety Settings These settings can be found in the [**Google Admin portal**](https://admin.google.com) under [**Apps** > **Google Workspace** > **Gmail** > **Safety**.](https://admin.google.com/ac/apps/gmail/safety) * Attachments * Protect against encrypted attachments from untrusted senders = **OFF** (ON by default) * Protect against attachments with scripts from untrusted senders = ON * Protect against anomalous attachment types in emails = **ON** (OFF by default) * Apply future recommended settings automatically = ON * IMAP view time protections * Enable IMAP link protection = **ON** (OFF by default) * Links and external images * Identify links behind shortened URLS = ON * Scan linked images = ON * Show warning prompt for any click on links to untrusted domains = ON * Apply future recommended settings automatically = ON * Spoofing and authentication * Protect against domain spoofing based on similar domain names = ON * Protect against spoofing of employee names = ON * Protect against inbound emails spoofing your domain = ON * Protect against any unauthenticated emails = **ON** (OFF by default) * Protect your Groups from inbound emails spoofing your domain = **ON** (OFF by default) * Apply future recommended settings automatically = ON ### End User Access Settings These settings can be found in the [**Google Admin portal**](https://admin.google.com) under [**Apps** > **Google Workspace** > **Gmail** > **End User Access**.](https://admin.google.com/ac/managedsettings/740348119625) * **Disable POP**: Under **POP and IMAP Access**, *uncheck* **Enable POP access for all users** to disable it. * ***(Optional*****) Disable IMAP**: If you want to increase security, you can force people to use the Gmail web app and prevent people from using apps like Microsoft Outlook to manage thier email. This greatly increases security. Under **POP and IMAP Access**, *uncheck* **Enable IMAP access for all users** to disable it. * **Google Workspace Sync**: On * (***Optional*****) Disable External Recipients Warning:** At the bottom of the page, uncheck **Warn for external recipients** to disable it. * **Emoji Reactions**: On ### Spam, phishing, and malware settings These settings can be found in the [**Google Admin portal**](https://admin.google.com) under [**Apps** > **Google Workspace** > **Gmail** > **Spam, phishing, and malware.**](https://admin.google.com/ac/apps/gmail/spam?setting=86) * Enable *Enhanced malware & phishing protection* * Enable *Security sandbox* --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://learn.goodhearttech.org/google-workspace/google-workspace-nonprofit-setup/configure-email-protection-settings-in-google-workspace.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.