Prevent a user from sending email to any of the groups in our domain or just to any groups
564 views
Skip to first unread message
Ajo Jose
Mar 9, 2023, 8:40:51 AM3/9/23
to GAM for Google Workspace
Hi Team,
can we Prevent a user from sending emails to any of the groups in our domain or just to any groups?
Ajo Jose
Mar 9, 2023, 9:13:35 AM3/9/23
to GAM for Google Workspace
In other words, dis allow the posting policy for a user in every group
Ross Scroggs
Mar 9, 2023, 10:30:58 AM3/9/23
to google-ap...@googlegroups.com
Ajo,
There is no Gmail API support for this, thus GAM can't help
Ross
--
You received this message because you are subscribed to the Google Groups "GAM for Google Workspace" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-man...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/0d00b793-cea8-4b0b-9eb1-af98c2fe72b0n%40googlegroups.com.
Ross Scroggs
Ajo Jose
Mar 9, 2023, 10:33:50 AM3/9/23
to GAM for Google Workspace
Hi Ross,
Thanks for the confirmation.
what about ban this single user from all groups in our domain? is it also not possible.
Ross Scroggs
Mar 9, 2023, 10:43:19 AM3/9/23
to google-ap...@googlegroups.com
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/2ab9bcb9-65b8-4401-bda2-fa9c372d0d31n%40googlegroups.com.
Ross Scroggs
Jay Lee
Mar 9, 2023, 10:46:35 AM3/9/23
to google-ap...@googlegroups.com
the right way to do this is by setting who can post to each group with a command like:
gam update group agr...@yourdomain.com whocanpostmessage ALL_MEMBERS_CAN_POST
Jay
Jay Lee
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/CAJkvRS9ZojC3EhQf871%3DT_0cPGa8WMxLXrP3jsaheM54FqEvvQ%40mail.gmail.com.
Ajo Jose
Mar 9, 2023, 10:48:32 AM3/9/23
to GAM for Google Workspace
Hi Ross & Jay,
The problem is we actually have some public groups, so we basically somehow need to ban this user from being able to send emails to any of our groups.
Jay Lee
Mar 9, 2023, 10:57:13 AM3/9/23
to google-ap...@googlegroups.com
You'll need to ban the user in each of those public groups. There's no way to do this via the API. Note that email addresses are cheap so user can just sign up for a new gmail.com, yahoo.com or whatever account to post to the public group.
All your other groups should tightly restrict who can send to them as shown above.
For this GAM public group, I allow anyone to join the group but I moderate posts from new members by default:
that means I can ensure new group members are actually posting about GAM and not spamming the group. When the group notifies me (the group owner) of the moderated message I can then allow all posting by this new member. This is highly effective unless:
- I don't pay close enough attention to the moderated post and allow spam through (happens occasionally when I'm bleary eyed)
- A member's account gets hijacked and sends spam to the group. This has only happened once or twice in the last decade.
Jay
Jay Lee
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/19934006-0d77-4fdc-b3ab-650d75331764n%40googlegroups.com.
Ajo Jose
Mar 9, 2023, 11:02:12 AM3/9/23
to GAM for Google Workspace
Hi Jay,
Thanks for the confirmation.
Pie Man
Mar 9, 2023, 11:05:24 AM3/9/23
to google-ap...@googlegroups.com
Hi,
At my old place we had to do this for students. From memory we achieved it using Gmail routing on the student ou. I can't remember the exact setup we used but I will have a look tomorrow at my new places setup to see if I can jog my memory.
HTH
Piers
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/19934006-0d77-4fdc-b3ab-650d75331764n%40googlegroups.com.
Ajo Jose
Mar 9, 2023, 11:45:21 AM3/9/23
to GAM for Google Workspace
That would be really helpful piers, even though I have tried routing that didn't really work for me.
Unhappy Buckaroo
Mar 9, 2023, 2:55:46 PM3/9/23
to GAM for Google Workspace
As Jay said, email accounts are cheap, and this can easily turn into a game of wack-a-mole . . . .
* * * NOT A GAM SOLUTION * * *
But, you could try a routing rule similar to this:* Caveat: I have not tested this; section B of the options should only affect emails sent to groups.
You could block the emails, but that would tell the user their emails are being blocked, which might make them resort to other methods. A quiet quarantine just makes them disappear (plausible deniability, if needed), and you can monitor the quarantine to make sure there aren't any unintended consequences.
UUCP Tech
Mar 9, 2023, 2:56:16 PM3/9/23
to GAM for Google Workspace
I recently set up something like this. Our organization has a lot of Google Groups that have to allow emails from outsiders, and periodically we get emails sent to 30+ groups, pretending to be from the minister.
I used compliance to redirect suspicious emails to our catchall account, which I monitor. That way, if we happen to get a legit email from someone with an email address that matches our regex, I can pass it along to the person or group who should get it.
Here's an example of one of the regular expressions I used to redirect any email from Gmail, Hotmail, or Yahoo that has "rev" (short for reverend) in the username part of the email:
Please let me know if this sounds like it would work for you, and I can share the detailed instructions I recently created when I went back to add another regex and realized I had forgotten some of the steps ;-)
Reply all
Reply to author
Forward
0 new messages