This article serves as a guide on how to create content compliance or mail redirection rule in Google Workspace/G-Suite. To prevent unauthorised password change, we implement ‘mail redirection‘ which re-routes cloud apps password reset emails to the password administrator in your firm. For more details, visit the Mail Redirection article.
Google Workspace Account with Administrative rights. (Ex. Super Admin)
Please follow the instructions below on how to create the Mail Redirection Rule in G Suite.
1. Open any preferred browser then proceed to Google Admin Console
2. Log in as the Administrator.
3. On the Admin Console page, click on Apps > Google Workspace > Gmail
4. On the right hand section, find and select Compliance
5. In the Compliance tab, hover your mouse to Content Compliance and click on Configure. If there’s an existing rule, Click on Add another rule instead.
6. On the Add Settings Page, follow the guide below
- On the Content Compliance field, enter the description
Practice Protect Password Reset Redirect
- On the Email messages to affect, tick Inbound, Internal – Sending and Internal – Receiving
- Select If ANY of the following match the message then click Add
- Under the Add setting, Select Advanced content match on the dropdown
- Under Location, Select Subject
- Under Match type, Select Contains text
- Under Content, fill in the Email Subject from the Password Reset email of the Cloud Application.
- Click Save.
Note: Check the list of the common application subject and domain, click Common Apps Password Reset & Redirect Info
- To add more expressions for the other applications subject line, Click Add.
If the above expressions match, do the following:
- Select Modify message
- Under the Envelope recipient, tick Change envelope recipient
- Select Replace recipient, fill it in with the Password Admin email address. (ex. email@example.com)
7. Click Save to create the rule.
Note: During the onboarding process, the Onboarding Team setup the mail redirection rule and set the envelope recipient instead to firstname.lastname@example.org to perform Password Reset process and do the heavy lifting on securing cloud app credentials. Once onboarding is done, recipient of the rule should be reverted to the nominated password admin.
For other information or queries, feel free to reach out on email@example.com