1

Tired of my G Suite users falling for emails "from" our CEO and other leadership team members, and the [EXTERNAL] that I appended to the subject of all external emails has been great but not helping everyone.

I have written a Google Apps Script that compares the "from" name of the sender to that user's company email and personal email, and then if there is not a match, it forwards the email to IT (to confirm/let the user know if it was somehow legit) and then deletes it to the user's trash.

I've got a trigger to setup so it runs every minute. It's only looking 3 mins back in emails so it doesn't waste resources/runs but also doesn't miss if it has an error for some reason. Have individually set up for a couple users as a test and myself and it appears to be working great.

My question after not finding a use case in the Google Add-Ons examples that really fit this use case...

How do I best deploy this to all of my domain users such that it uses the existing 1 min trigger, requires no user interaction - except maybe to install, and updates as I update the script?? I'm reading stuff about cards and icons and triggers for opening an email and such but none of this is what I'm looking for. I want it running in the background at all times to where if the user only looks at email on their phone or Mac Mail/Outlook that the script is still catching the phony emails.

Has anyone done anything like this. Google Support people, is there a page I've missed in my search for answers?

Jacques-Guzel Heron
  • 2,480
  • 1
  • 7
  • 16
Mark
  • 11
  • 1

2 Answers2

1

Depending on your g suite account...why not enable "Advanced phishing and malware protection". Specifically the section on spoofing as you can choose a giant warning banner, send to spam or quarantine it. If you only want execs then you could do a check in Gmail settings for unauthenticated email vs a whitelist and take action that way also.

https://support.google.com/a/answer/7490901?hl=en#spoofing-authentication-safety

user1913114
  • 11
  • 1
0

I figure out that the question here is that you want to develop an add-on over your whole domain. If my assumption is correct, then you can opt in to follow these steps on how to install G Suite Marketplace apps in your domain. If you want to test the reach of this operation, you could develop an reviewed and trivial app like Cats and introduce it to your domain. While developing your add-on, please be aware of the best practices. After the developing process you can publish it to G Suite Marketplace. Keep in mind that you could add this add-on to your domain even if it's published as internal.

After reading your comments I get that you want to use this add-on even if users aren't online. In that case you could activate domain wide delegation of authority over your domain and use service accounts to control G Suite API interactions. To run this script at every minute you can use cron, but please be mindful of Gmail API quotas.

Along with the former, you can reach G Suite support and they'll better assist you with preventing phishing forces. Please, ask me any question to better clarify myself.

Jacques-Guzel Heron
  • 2,480
  • 1
  • 7
  • 16
  • Thanks for the quick response Jacques! Unfortunately, that first link appears to be for adding marketplace apps that other have created. If it works for one's I've developed too, I don't know how to get mine to show there. Do you have any advice of how to get to those stages? I have looked various other Google Developer help pages and none of them seem to apply to my intended use case or I had an issue with one of the instructions that I couldn't get around. – Mark Jun 18 '20 at 18:16
  • Hi there @Mark! You are right, these guides will help you with apps already on the marketplace. To publish your app, please follow [these steps](https://developers.google.com/gsuite/marketplace/listing-gsm). – Jacques-Guzel Heron Jun 22 '20 at 07:55
  • I only want my domain to use this as it will specifically be checking for email addresses from my leadership team and won't apply to anyone else. If I don't want this public on marketplace is this still the right link to follow? – Mark Jun 25 '20 at 12:01
  • @Mark, if you don't want to publish the add-on on the Marketplace you could work with this [guide](https://support.google.com/a/answer/162106) to implement third-party apps in your domain using [service accounts](https://developers.google.com/identity/protocols/oauth2/service-account). – Jacques-Guzel Heron Jul 02 '20 at 06:46
  • Interesting concept! Will that allow me to run an apps script with time trigger of 1 min across all of those accounts by installing the script on that "service account" or do I still need to figure out how to do an add on? If it will run across all accounts... would I hit apps script limits because it'd be reading everyone's mail from one account?? – Mark Jul 07 '20 at 12:51
  • @Mark, I just updated my answer to better address your new concerns and tie together my previous comments. Please, take a look and leave a comment if you need further help. – Jacques-Guzel Heron Jul 16 '20 at 07:04
  • Sorry I didnt mention it, but I do have all of that stuff turned on. I also have all of the SPF checking and DMARC stuff configured and have for years. The problem with the "warning banners" is that not all of our users go on gmail.com to get their email... in fact most don't. They're using a program to access email and or using it from their phone. I need to stop the mail before it gets to them. Sounds like G Suite enterprise may have the tools to do what I want.. so it may be easiest to just go that route. – Mark Jul 17 '20 at 12:08