Protect Gmail messages with confidential mode

Gmail users can help protect sensitive information from unauthorized access using Gmail confidential mode. Recipients of messages in confidential mode don't have the option to forward, copy, print, or download messages, including attachments. Users can set a message expiration date, revoke message access at any time, and require an SMS verification code to access messages.

Important: Although confidential mode helps prevent the recipients from accidentally sharing an email, it doesn't prevent recipients from taking screenshots or photos of your messages or attachments. Recipients who have malicious programs on their computer may be able to copy or download your messages or attachments.

Learn more about using Gmail confidential mode.

How Gmail processes confidential mode messages

When someone sends a confidential mode message, Gmail removes the message body and any attachments from the recipient's copy of the message. These are replaced with a link to the content. Gmail clients make the linked content appear as if it's part of the message. Third-party mail clients display a link in place of the content.

Confidential mode messages and Vault

Vault can hold, retain, search, and export all confidential mode messages sent by users in your domain. Vault has no visibility into the content of confidential mode messages sent to your organization from external parties. If your domain uses Vault, carefully review how Vault handles confidential mode messages

To support Vault's requirement to access confidential mode messages, Gmail attaches a copy of the confidential mode content to the recipient's message.

Here's what you should know about this copy:

  • It's attached only when the message sender and recipient are in the same organization.
  • It's only available to Vault.
  • Senders and recipients cannot access the copy from Gmail.
  • Third-party mail archiving tools cannot access the copy.

To delete all copies of a confidential mode message, you must delete it from the sender account and all recipients' accounts.

Confidential mode messages and third-party archiving tools

When a message is sent in Gmail confidential mode, Gmail replaces the message body and attachments with a link. Only the subject and link are sent via SMTP. If your domain uses third-party eDiscovery or archiving tools, Gmail confidential mode may conflict with your organization's eDiscovery and retention obligations. Before enabling this feature, we recommend you discuss the impact with your eDiscovery administrators and other policymakers.

Disable or enable Gmail confidential mode 

As a G Suite administrator, you can disable or enable Gmail confidential mode for your entire domain or for specific organizational units. Disabling the Gmail confidential mode feature prevents users from sending messages in confidential mode. If you want to block all incoming messages in confidential mode, set up a compliance rule to block incoming messages.

To disable or enable Gmail confidential mode for your domain:

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in

  2. From the Admin console Home page, go to Appsand thenG Suiteand thenGmail.
  3. In User settings, uncheck or check the Enable confidential mode box.  
  4. Save your changes.

To disable or enable Gmail confidential mode for an organizational unit:

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in

  2. From the Admin console Home page, go to Appsand thenG Suiteand thenGmail.
  3. On the left, select the desired organizational unit.
  4. Click User settings, then select the desired organizational unit at the left side of the window.
  5. Uncheck or check the Enable confidential mode box.  
  6. Click Save.  

Define rules to handle confidential mode messages

You can specify what action to take on incoming or outgoing Gmail confidential mode messages by creating one or more compliance rules. For example, you can use compliance rules to block incoming messages to your domain. 

How compliance rules trigger on messages 

  • Outgoing messages sent using confidential mode are affected by any content compliance settings or rules you’ve defined for message subject, body, and attachments. 
  • Outgoing messages associated with a compliance rule to remove attachments are rejected, and the sender receives a bounce message. 

  • Incoming messages in confidential mode are checked, but only the message header is scanned (including subject). 

How confidential mode messages are quarantined 

  • Outgoing messages in confidential mode do not go to the Admin quarantine; they are rejected and the sender receives a bounce message.
  • Incoming messages in confidential mode go to the Admin quarantine, but only the message header is scanned. 

Create a compliance rule to block incoming messages

The instructions in this section show you how to create a compliance rule to block incoming messages in confidential mode from your domain. For detailed information about creating compliance rules for all types of content, see Set up rules for content compliance.      

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in

  2. From the Admin console Home page, go to Appsand thenG Suiteand thenGmailand thenAdvanced settings.

    Tip: To see Advanced settings, scroll to the bottom of the Gmail page.

  3. In the Compliance section, scroll to Content compliance
  4. Hover over the Content compliance setting and click Configure. (If you've previously set compliance rules for other types of mail, hover over any rule and click Add another.)

    The Add setting dialog appears, where you'll enter a name, select the message type to match, and define what action to take based on the message. 

  5. In the Add setting dialog, enter the following information:
    • Enter a name for the rule.
    • In the Email messages to affect, check the Inbound box.   
    • From Add expressions, choose If any of the following match the message
    • In Expressions, click Add, and then select Metadata match.
    •  From the Attribute drop-down, choose Gmail confidential mode, and for Match type, choose Message is in Gmail Confidential mode.
    • Click Save.
  6. In the next section, which identifies what to do if the expressions match, choose Reject message.
  7. (Optional) If desired, enter a customized rejection notice, which is directed back to the sender.  
  8. Click Add setting.     


Was this article helpful?
How can we improve it?