Purpose
This article serves as a guide on how to create content compliance or mail redirection rule in Google Workspace/G-Suite. To prevent unauthorised password change, we implement ‘mail redirection‘ which re-routes cloud apps password reset emails to the password administrator in your firm. For more details, visit the Mail Redirection article.
Pre-requisites
Google Workspace Account with Administrative rights. (Ex. Super Admin)
Instructions:
Please follow the instructions below on how to create the Mail Redirection Rule in G Suite.
1. Open any preferred browser then proceed to Google Admin Console
2. Log in as the Administrator.
3. On the Admin Console page, click on Apps > Google Workspace > Gmail
4. On the right hand section, find and select Compliance
5. In the Compliance tab, hover your mouse to Content Compliance and click on Configure. If there’s an existing rule, Click on Add another rule instead.
6. On the Add Settings Page, follow the guide below
- On the Content Compliance field, enter the description
Practice Protect Password Reset Redirect
- On the Email messages to affect, tick Inbound, Internal – Sending and Internal – Receiving
- Select If ANY of the following match the message then click Add
- Under the Add setting, Select Advanced content match on the dropdown
- Under Location, Select Subject
- Under Match type, Select Equals
- Under Content, fill in the Email Subject from the Password Reset email of the Cloud Application.
- Click Save.
Note: Check the list of the common application subject and domain, click Common Apps Password Reset & Redirect Info
- To add more expressions for the other applications subject line, Click Add.
If the above expressions match, do the following:
- Select Modify message
- Under the Envelope recipient, tick Change envelope recipient
- Select Replace recipient, fill it in with the Password Admin email address. (ex. [email protected])
Note: During the onboarding process, the Onboarding Team set up the mail redirection rule and set the envelope recipient instead to [email protected] to perform the Password Reset process and do the heavy lifting on securing cloud app credentials. Once onboarding is done, the recipient of the rule should be reverted to the nominated password admin.
7. Go to the Address list. Note: If you can’t find it, click Show Options
- Tick Use address lists to bypass or control application of this settings
- Tick Bypass this Settings for specific addresses / domains
8. Click on Create or Edit List. This will open on another page.
- Click ADD ADDRESS LIST
- Set the Name to Exclude Practice Protect
- Click ADD ADDRESS and on the address field, add the domain, practiceprotect.com
- Hit Save.
9. Return on the Compliance Rule > Address List. Click Use existing list and choose the address list created from the previous step (i.e. Exclude Practice Protect)
Click SAVE to create the rule.
For other information or queries, feel free to reach out to [email protected]