How do I configure email security in Google Workspace?
What is a How do I configure email security in Google Workspace??
Google Workspace includes built-in email security settings that protect against phishing, malware, attachment threats, and domain spoofing.
Google Workspace includes built-in protections against phishing and malware that are off by default. Enabling them reduces the risk of email-based attacks without affecting normal email usage.
No email security configuration is 100% effective. Stay vigilant when handling unexpected emails regardless of your settings.
Which protections should I enable?
In the Google Admin Console, go to Apps → Google Workspace → Gmail → Safety. Enable the following:
| Protection | What it does |
|---|---|
| Attachment protection | Blocks suspicious attachments and scripts from untrusted senders, and identifies uncommon file types that may contain malware |
| Links and external images | Reveals the destination behind shortened or obscured URLs, scans linked images for malicious content, and warns when clicking links to untrusted domains |
| Spoofing and authentication | Guards against domain spoofing and impersonation, flags unauthenticated emails with a visual indicator next to the sender's name |
Recommended action settings
| Threat type | Recommended action |
|---|---|
| Suspicious attachments | Quarantine |
| Suspicious links | Display warning |
| Spoofed emails | Mark as spam |
| Unauthenticated emails | Flag with visual indicator |
Additional settings
Enable Automatically turn on future recommended settings so new protections from Google are applied as they become available. Select Strongest level of protection for comprehensive coverage.
If these settings cause issues with specific email senders or workflows, Google allows per-setting adjustments. Contact hello@deeploi.io if you need help tuning the configuration.