Create Gmail Group & Configure Host

WHITELIST IP’S

• Go to admin.google.com → apps → Google Workspace→ Gmail → hosts

• Click add route

• Name: Perception Point Scanner
  

• Host name: inbound-smtp.eu-west-1.amazonaws.com
  

• port: 25
  

• Do NOT check perform MX lookup on host

• Make sure that “Require secure transport (TLS)” is checked

• Make sure that “Require CA signed certificate” is checked

• Make sure “Validate certificate hostname (Recommended)”

•  Click Save
  

WHITELIST IP’S

• Go to admin.google.com → apps → Google Workspace → Gmail → Spam, Phishing and Malware

• Scroll down to Inbound gateway and click the edit button

• “Enable” the Inbound Gateway if it has not been enabled

• Add the following IPs to your inbound gateway

• 99.81.216.78

• 34.249.190.60

• 108.128.137.108

• 99.80.189.20

• 209.85.128.0/17

• Check “Automatically detect external IP”

• Check “Require TLS for connections from the email gateways listed above”

• In the Message Tagging section (for P.P. Spam engine – optional)

• Check “Message is considered spam if the following header regexp matches”

• Insert <X-PERCEPTION-POINT-SPAM: FAIL> to the Regexp

• Make sure “Message is spam if regexp matches” is selected

• Uncheck “Disable Gmail spam evaluation on mail from his gateway;

• only use header value”.

• Click Save
  

ADD A CONTENT COMPLIANCE RULE

• “Add expressions that describe the content you want to search for in each message”:

• In the first dropdown choose: “If ALL of the following match the message”

• Click add

• Fill in accordingly:
  

• Advanced content match

• Location: Full headers

• Match type: Not contains text

• Content: {Unique Value at least 8 characters long}
  

Example: GHTD465J

Create an expression that is unique to your organization, using a password generator such as 1Password. We highly recommend using capital letters and numbers. Avoid using the full organization name.

• Save

• If the above expressions match, do the following: “modify message”

• Check “Add X-Gm-Original-To header” & “Add X-Gm-Spam and X-Gm-Phishyheaders”

• Check “Add custom headers” (same generated Value as above)

• Header: X-PERCEPTION-POINT-ROUTING

Please note that the “X-” is being added to the expression automatically.

• Value: {The value generated in previous step above}

Example: GHTD465J

The expression added must be the exact expression added in the previous section.

• Check “Change route” (and “Also reroute spam” – optional)

• From the dropdown choose “Perception Point Scanner”

• At the bottom of the dialog click “show options”

• Under “Account types to affect” choose “Users” and “groups” (Unrecognized / Catch-all)

• Under “envelope filter” choose “only affect specific envelope recipients” and in the drop down, choose “Pattern match” for your domain or “Group membership” for a specific email group.

• Multiple Domains: If you wish to add more than one domain/user group/user, add them with “|” and without spaces between them.
  

• Edit the “expressions” section under content compliance” and add a new expression:

• Metadata match

• Attribute: Message size

• Match type: Message size is less than the following (MB) 40

• Save

• Click Save for the settings change