Add custom spam filters to Gmail

Customize Gmail's default spam filtering for Google Workspace

This article is for administrators. If you're using Gmail, learn how to mark or unmark spam in your Gmail account.

By default, Gmail scans all email messages for spam. When Gmail detects a spam message, the message is delivered to the recipient's spam folder. You can't turn off Gmail's spam scanning. However, you can use the Spam setting to create spam filters to customize Gmail's spam scanning behavior.

You can set up custom spam filters so that:

  • Messages from senders on an approved senders list aren't marked as spam.
  • Messages from senders in your domains aren't marked as spam.
  • Spam messages are put in quarantine, so you can review them before they’re delivered to recipients.
  • Messages from bulk senders are scanned more closely for spam.

About custom spam filter behavior

An address list of approved senders should include trusted senders only. It's safe to bypass spam filtering for messages from trusted senders. Learn more about address lists.

Address lists of approved senders can be created with individual email addresses or by entire domains. When you add a domain to your address list, the custom spam filter is applied to all senders in the domain.

How custom spam filters are applied

Custom spam filters are set at the organizational unit, and apply to all users in the organizational unit. Users in child organizations inherit spam filter settings from the parent organizational unit.

Keep in mind when creating custom spam filters:

  • Custom spam filters are applied only to incoming messages.
  • Custom spam filters can’t be applied to groups. Spam filter settings affect groups users who are in an organizational unit where the setting is applied.
  • Custom spam filters can be applied based on address lists that you create and manage in your Google Admin console. Learn more about address lists.

Spam and other harmful messages from approved senders

If you get spam or other harmful messages from a sender that's on one of your approved sender address lists:

  • The message is delivered to the inbox, and not the spam folder. These messages have a banner: "This message wasn’t sent to Spam because of your organization’s settings."
  • If a message from an approved sender has a virus or is part of a larger email attack, Gmail prevents the message from being delivered to recipients. 
  • Ask the sender to set up DMARC so their valid messages are delivered to the inbox, and not sent to spam. Learn more about DMARC.

Filter behavior with multiple filters

Some spam filter options are applied to the entire organizational unit where the filter is used. They also override any other filter for the organizational unit that has the option turned off.

These options are:

  • Bypass spam filters for messages received from addresses or domains within these approved senders lists
  • Be more aggressive when filtering spam
  • Bypass spam filters for messages received from internal senders
  • Put spam in administrative quarantine

Add a custom spam filter

Add a custom spam filter:

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. In the Admin console, go to Menu and then Appsand thenGoogle Workspaceand thenGmailand thenSpam, Phishing and Malware.
  3. On the left, select an organizational unit.
  4. Scroll to Spam and click Configure or Add another rule.
  5. In the Add setting box, enter a unique name for the setting.
  6. Select spam filtering options:
    Setting option Description
    Be more aggressive when filtering spam

    Turn on more aggressive spam filtering. It's likely that more incoming messages will be marked as spam, and sent to recipients' spam folders.

    Put spam in administrative quarantine Send messages to email quarantine for review, instead of sending them to the recipient's spam folder. When you remove messages from quarantine to be delivered to recipients, messages are checked against Gmail spam filters again.
    Bypass spam filters for internal senders Internal messages from users within your organization bypass Gmail spam filters. Learn more about bypassing spam filters for internal senders. Authenticated messages from your subdomains, including subdomains not hosted by Google, are treated as internal messages.
    Bypass spam filters for messages from senders or domains in selected lists

    Incoming messages from domains or addresses on the selected approved senders list bypass Gmail spam filters.

    Select one or more address lists of approved senders to apply this option, or create a new address list. You must select at least one address list, or this option has no effect.

    Bypass spam filters and hide warnings for messages from senders or domains in selected lists

    Incoming messages from domains or addresses on the selected approved senders list bypass Gmail spam filters. Warnings about possible suspicious messages aren't displayed for these messages.

    Select one or more address lists of approved senders to apply this option, or create a new address list. Select at least one address list, or this option has no effect.

    Bypass spam filters and hide warnings for all messages from internal and external senders

    All incoming messages bypass Gmail spam filters. Warnings for possible suspicious messages are never displayed.

    Important:

    • This option overrides any other options you select for this setting.
    • We don't recommend this option because it increases the possibility that people in your organization will get spam, phishing, or other unsafe messages.
  7. At the bottom of the Add setting box, click Save.
  8. Verify that the new setting is listed in the Spam settings table.

Changes can take up to 24 hours but typically happen more quickly. Learn more

You can track changes in the Admin console audit log.

Related topics

Spam and authentication

Using address lists

Was this helpful?

How can we improve it?
Search
Clear search
Close search
Main menu
7162981382085404699
true
Search Help Center
true
true
true
true
true
73010
false
false