Customize spam filter settings

This feature is not available in the legacy free edition of Google Apps.

Incoming email messages are subjected to Google's spam filters, which automatically places messages detected as spam in a user's Gmail spam folder. Using the Spam setting, you can customize your spam filters in the following ways:

  • Turn on aggressive spam filtering to enforce more stringent filtering of bulk mail.
  • Create an approved sender list to bypass Google's spam filter. You can approve specific senders based on the email address or domain. You can also approve all internal messages within your organization.

Similar to other email security settings, the Spam setting applies to all users in an organizational unit. Users within child organizations inherit the settings you create for the parent organization.

About approved senders

You can reuse approved sender lists across different settings. For example, you can specify the same approved sender list in both the Spam and Blocked senders settings, and it would modify the behavior of both settings.

The approved sender/bypass spam filter option applies to incoming mail only.

How senders are identified: The service identifies an approved or blocked sender by looking at the address in the message’s 'From' field. First, it looks at the 'From' address shown in the message header. If that is empty, it looks at the 'From' address in the message’s 'Envelope' (which is typically hidden from view in email clients). 'Reply-To' headers aren't checked because they aren't necessarily assigned to the actual sender.

Google Apps normally verifies messages at the SMTP layer before accepting the message to be processed by our internal servers. If a message is suspicious, we reject the message (i.e. the event is logged but the message is not accepted into our server). However when you set up an Approved Sender rule to approve internal senders or any other trusted domain, we must disable the SMTP verification layer for your domain to accept all messages to be processed by the rules configured in the Approved Sender list settings. Consequently, when you create an Approved Senders list, regardless of what is in the list, suspicious messages are no longer rejected outright and are now tagged as spam and become visible under the users Spam label.

Note: In some cases, "super spammy" messages sent from approved senders can still be marked as spam and delivered to recipients' Spam folder. Also, if a message from an approved sender contains a virus or is part of an email attack, Google's virus filters will still prevent it from reaching your users.
To customize spam filter settings
  1. Sign in to the Google Admin console
  2. From the dashboard, go to Apps > Google Apps > Gmail > Advanced settings
  3. In the Organizations section, highlight your domain or the organizational unit for which you want to configure settings (see Configure advanced settings for Gmail for more details).
  4. Scroll down to the Spam section:
    • If the setting's status is Not configured yet, click Configure (the "Add setting" dialog box displays).
    • If the setting's status is Locally applied, click Edit to edit an existing setting (the "Edit setting" dialog box displays), or click Add another to add a new setting (the "Add setting" dialog box displays).
    • If the setting’s status is Inherited, click View to view the inherited setting, or click Add another to add a new setting (the "Add setting" dialog box displays).
  5. Enter a description for this configuration—for example, "Eng Spam Bypass Setting."
  6. To turn on more aggressive spam filters, check the Be more aggressive when filtering bulk mail box. If you check this box, Gmail’s spam filter is more likely to decide that a message is spam. As a result, fewer spam messages should arrive in your Inbox. However, checking this box may also result in more non-spam messages being sent to your Spam folder.
  7. To set up an approved sender list, select either or both of the following options:
    • To bypass spam filters for messages received from internal senders (from users in the same organization), check the Bypass spam filters for messages received from internal senders box.
    • To bypass spam filters for messages received from addresses or domains specified in your approved sender lists, check the Bypass spam filters for messages received from addresses or domains within these approved senders lists box.
    • To send messages that meet your spam filter criteria to an admin quarantine for review, check the Put spam in administrative quarantine box.
  8. If you checked the second box in step 7, do the following:
    • Click Add or create a new one to create a new approved sender list.
    • To use an existing list as your approved sender list, click the list name.
    • To create a new list, enter a name for the list in the Create new list field, and then click Create.
    • To edit one of your lists, hover over the list name, click Edit, and then do any of the following:
      • To add email addresses or domains to the list, click Add.
      • Enter an email address or domain name (for example,
        Note: Check the Do not require sender authentication box to bypass the spam folder for approved senders that do not have authentication, such as SPF or DKIM enabled. Use this option with caution as it can potentially lead to spoofing.
      • When you're finished making changes, click Add setting or Save to close the dialog box.
      • Repeat these steps to add more email addresses or domains to the list.
  9. When you're finished making changes, click Add Setting to close the dialog box.
    Note: Any settings you add will be highlighted on the "Email settings" page.
  10. Click Save changes at the bottom of the "Email settings" page.