Configure Email Protection Settings in Google Workspace
🏁 Prerequisites
We recommend you complete our two setup guides for Google before configuring the rest of the settings on this page.
Configure Google Workspace for NonprofitEmail Sender Validation Using DNS (SPF, DKIM, & DMARC)✉️ Email Protection Setup
The following settings should be applied and can be adjusted based on your organization's needs.
Gmail Safety Settings
These settings can be found in the Google Admin portal under Apps > Google Workspace > Gmail > Safety.
Attachments
Protect against encrypted attachments from untrusted senders = OFF (ON by default)
Protect against attachments with scripts from untrusted senders = ON
Protect against anomalous attachment types in emails = ON (OFF by default)
Apply future recommended settings automatically = ON
IMAP view time protections
Enable IMAP link protection = ON (OFF by default)
Links and external images
Identify links behind shortened URLS = ON
Scan linked images = ON
Show warning prompt for any click on links to untrusted domains = ON
Apply future recommended settings automatically = ON
Spoofing and authentication
Protect against domain spoofing based on similar domain names = ON
Protect against spoofing of employee names = ON
Protect against inbound emails spoofing your domain = ON
Protect against any unauthenticated emails = ON (OFF by default)
Protect your Groups from inbound emails spoofing your domain = ON (OFF by default)
Apply future recommended settings automatically = ON
End User Access Settings
These settings can be found in the Google Admin portal under Apps > Google Workspace > Gmail > End User Access.
Disable POP: Under POP and IMAP Access, uncheck Enable POP access for all users to disable it.
Disable External Recipients Warning: At the bottom of the page, uncheck Warn for external recipients to disable it.
(Optional) Disable IMAP: If you want to increase security, you can force people to use the Gmail web app and prevent people from using apps like Microsoft Outlook to manage thier email. This greatly increases security. Under POP and IMAP Access, uncheck Enable IMAP access for all users to disable it.
Last updated