Tag Archives: Gmail

Improve email security in Gmail with TLS by default and other new features

What’s changing

Recently, the Google Security blog outlined how the usage of Transport Layer Security (TLS) has grown to more than 96% of all traffic seen by a Chrome browser on Chrome OS. The blog post also highlighted a significant goal: to enable TLS by default for our Google products and services, and to ensure that TLS works out of the box.

Gmail already supports TLS, so that if the Simple Mail Transfer Protocol (SMTP) mail connection can be secured through TLS, it will be. However, in order to encourage more organizations to increase their email security posture, and to further the above goal of enabling TLS by default, we’ve made the following changes:

  • TLS for mail connections will now be enabled by default
  • Admins are now able to test their SMTP outbound routes’ TLS configuration in the Admin console before deployment. They no longer need to wait for messages to bounce.

While admins have always had the ability to require TLS encryption for mail routes, it was previously off by default. Note that existing mail routes will not be impacted by these changes.

Who’s impacted

Admins

Why it’s important

We always recommend that admins enable existing mail security features, including SPF, DKIM, and DMARC, to help protect end users. We also recommend that admins turn on MTA Strict Transport Security (MTA-STS), which improves Gmail security by requiring authentication checks and encryption for email sent to their domains. Enabling TLS by default on new SMTP mail routes enhances the security posture of our customers while enabling admins to test connections before enforcing TLS on existing routes makes it easier for them to deploy best practice security policies.

This change will not impact mail routes that were previously created.

Additional details


TLS enabled by default on new mail routes
With TLS enabled by default for new mail routes, all certificate validation requirements are also enabled by default. This ensures that recipient hosts have a certificate issued for the correct host that has been signed by a trusted Certificate Authority (CA). See more details about how we’re changing the requirements for trusted CAs below.

Admins will still have the ability to customize their TLS security settings on newly created mail routes. For example, if mail is forwarded to third-party or on-premise mail servers using internal CA certificates, admins may need to disable CA certificate validation. Disabling CA certificate validation, or even disabling TLS entirely, is not recommended. We encourage admins to test their SMTP TLS configuration in the Admin console in order to validate the TLS connection to external mail servers before disabling any recommended validations. See more details about how to test TLS connections in the Admin console.

Certificate Authority distrust in Gmail
In the past, the Google Security Blog has highlighted instances where Chrome would no longer trust root CA certificates used to intercept traffic on the public internet and where Chrome distrusts specific CAs.

If these scenarios occur in the future, these certificates will also be distrusted by Gmail. When this happens, mail sent using routes that require TLS with CA-signed certificate enforcement may bounce if the CA is no longer trusted. Although the list of root certificates trusted by Gmail can be retrieved from the Google Trust Services repository, we encourage admins to use the Test TLS Connections feature in the Admin console to confirm whether certificates have been distrusted.

Test TLS connections in Admin console
Admins can now use the new Test TLS Connection feature to verify whether a mail route can successfully establish a TLS connection with full validation to any destination, such as an on-premise mail server or a third-party mail relay, before enforcing TLS for that destination.

Getting started


Admins:

TLS settings
TLS will be ON by default for all new mail routes. We recommend that admins review all of their existing routes and enable all recommended TLS security options for these routes as well.

Testing TLS connections
Admins who want to require a secure TLS connection for emails can now verify that the connection to the recipient's mail server is valid simply by clicking on the “Test TLS Connection” button in the Admin console; they no longer need to wait for emails to bounce.

Learn more about requiring mail to be transmitted via a secure (TLS) connection and adding mail routes in the Help Center.

All certificate validations are now enabled by default when creating a new TLS compliance setting.

TLS and all certificate validations are now enabled by default when creating a new mail route.

End users: There are no end user settings for these features.

Rollout pace



Availability


  • Available to all G Suite customers

Resources




Create and use multiple signatures in Gmail

Quick launch summary

It’s now possible to use multiple signatures in Gmail. Multiple signatures give you the flexibility to use different signatures for different situations such as:

  • Communicating across teams, organizations, or products
  • Communicating across languages
  • Using different default signatures for new emails and replies, and more.


Getting started

End users: This feature will be available by default. To create multiple signatures, in Gmail go to Settings (gear icon) > Settings > General. Then, scroll down to “Signature” and select “Create New” to enter multiple signatures. To use the additional signatures, open the signature menu in the compose action toolbar to switch signatures. Visit the Help Center to learn more about multiple signatures in Gmail.

Rollout pace



Availability


  • Available to all G Suite customers and users with personal Google Accounts

Resources




Refine search results in Gmail faster with search chips

What’s changing

We’re introducing search chips in Gmail, an easier way to sort and filter search results to find exactly what you’re looking for faster.

For example, you can search a colleague’s name and further narrow your results by selecting search chips like attachment type (Text document, Spreadsheet, PDF) or a specific timeframe. You can also filter out certain results, like calendar invites.

Who’s impacted

End users

Why you’d use them

We’ve heard from our users that searching in Gmail could be faster and more intuitive. 

With search chips, you can easily refine your search results and find what you’re looking for faster, without needing to sort through irrelevant returns or use search operators (like from: [email protected]).

How to get started

Admins: There is no admin control for this feature.

End users: This feature is available by default. When searching in Gmail, you can further refine your search results by clicking on the search filter chips below the search box.

Rollout pace


Availability

  • Available to all G Suite customers


Refine search results in Gmail faster with search chips

What’s changing

We’re introducing search chips in Gmail, an easier way to sort and filter search results to find exactly what you’re looking for faster.

For example, you can search a colleague’s name and further narrow your results by selecting search chips like attachment type (Text document, Spreadsheet, PDF) or a specific timeframe. You can also filter out certain results, like calendar invites.

Who’s impacted

End users

Why you’d use them

We’ve heard from our users that searching in Gmail could be faster and more intuitive. 

With search chips, you can easily refine your search results and find what you’re looking for faster, without needing to sort through irrelevant returns or use search operators (like from: [email protected]).

How to get started

Admins: There is no admin control for this feature.

End users: This feature is available by default. When searching in Gmail, you can further refine your search results by clicking on the search filter chips below the search box.

Rollout pace


Availability

  • Available to all G Suite customers


View out of office information in more places on Gmail for web

Quick launch summary 

Last year, we announced the ability to see when someone is out of office in Gmail, specifically when composing a new email or Hangouts Chat. Now, we’re expanding that functionality to more places in Gmail on web, like when you’re hovering over someone’s name in your inbox or in the “To” or “From” line in an email.


This feature gives visibility to your time out of office in more places across G Suite, making it clear to senders the appropriate time to message you.

Getting started 

Admins: There is no admin control for this feature. 

End users: These notices will automatically appear when anyone whose calendar you have access to has an out of office event scheduled. Use our Help Center to learn more about disabling the sharing of availability information to other G Suite apps

Rollout pace 



Availability 


  • Available to all G Suite customers 

Resources 


The Suite Life: 4 tips for a more manageable Gmail inbox

The average person receives 120 emails a day, which means  keeping your inbox under control can feel like an impossible task. Fortunately, G Suite gives you the tools you need to stay focused and organized. Welcome to the Gmail edition of The Suite Life, a series that brings you tips and tricks to get the most out of G Suite. In this post, we’ll provide advice to help you save time and get more done—right from your Gmail inbox.

Tip 1: Write now, send later with Schedule send

Whether you’re firing off a reply outside of normal work hours, collaborating with teammates across time zones, or want to send your future self a reminder, there are lots of reasons to schedule an email instead of hitting send right away. With Schedule send, you can plan exactly when your email will be sent in Gmail. This means your emails can reach teammates at a time that's convenient for them.

the suite life - schedule send.png

Here’s how:

  1. When you’re done writing your email, click the arrow to the right of the Send button in Gmail.

  2. Select “Schedule send.”

  3. Choose a date and time that works for you.

  4. Once you’ve scheduled at least one email, you’ll see a new box called Scheduled where you can view emails set to be sent, change times, or cancel the send.

Pro-tip: Curious to know how Googlers stay on top of things? Try out these tips.

Tip 2: Turn emails into Tasks in one step

A lot of emails require some sort of follow-up. With Google Tasks, you can quickly turn that email into an item on your to-do list without ever leaving your inbox.

the suite life - drag email to task.png

Here’s how:

  1. Click and drag your email into the Tasks list located in the Gmail companion bar. 

  2. Type the text that describes your task, and a link to the email is attached to the bottom. You can also press SHIFT + K when you’re in an email to automatically add it to your Tasks list.

If you’re new to Tasks, check out this article to help you get started. Or if you’re used to using Google Keep, try out some of these tricks of the trade.

Tip 3: Send and archive emails at the same time

The secret to a tidy inbox is archiving emails when they’re no longer needed. Gmail gives you the option to reply to an email and archive it in the same step, which means you can get to Inbox Zero faster than ever.

the suite life - send and archive.png

Here’s how: 

  1. In Gmail settings, click the General tab, then click the “Show ‘Send & Archive’” button.

  2. Scroll to the bottom of the page and click Save Changes. Now, when you write an email, you’ll see the “Send & Archive” button at the bottom of the page; clicking on it will complete both actions at the same time.

Tip 4: Create a Google Calendar event in one click

Ever find yourself thinking “I should set up a meeting about this” after reading an email? Schedule it right from Gmail—no need to open Calendar separately.

the suite life create an event in gmail.png

Here’s how to create Calendar events from emails in one single step:

  1. When you’re in an email, navigate to the three dots and click Create Event. This will open a new Calendar tab. The subject of the email becomes the event title, anyone in the “To” or “Cc” line is added as a guest to the event, and the most recent reply to the thread is embedded in the description. 

  2. Click “Save,” and you’re done! 

We’ve got plenty more tips to help you better use G Suite tools like Gmail, Docs, Calendar, and more. Check out all the videos from The Suite Life.

Gmail for iOS now allows you to add attachments from the Files app

Quick launch summary 

In the Gmail iOS app, when composing or replying to an email, you can now upload attachments from the Files app on your iPhone or iPad.



Getting started 


  • End users: This feature will be available by default. In the Gmail iOS app, when composing or replying to an email, click the attachment icon and scroll to the “Attachments” section. Then select the folder icon to select an attachment from the Files app. 

Rollout pace 


  • Rapid Release domains: Extended rollout (potentially longer than 15 days for feature visibility) starting on February 12, 2020 
  • Scheduled Release domains: Extended rollout (potentially longer than 15 days for feature visibility) starting on February 12, 2020 

Availability 


  • Available to all Gmail iOS users.

Changes to multiple inboxes in Gmail starting February 20, 2020

What’s changing 

We’re updating the way multiple inboxes work in Gmail. Specifically, starting February 20, 2020, for Rapid release domains and March 5, 2020, for Scheduled release domains, we’ll enhance multiple inboxes to support independent scrolling, a unified toolbar, and adjustable width in right-side configurations.

In addition, starting on those dates, multiple inboxes will no longer support three-pane layouts with the preview pane (renamed “reading pane”) view. 

See the “Additional details” section below for more information on these changes.

Who’s impacted

End users

Why it’s important 

Multiple inboxes help you break out key emails, like important tasks or those from specific people, and make them visible alongside your main inbox in Gmail, in a completely customizable way. 

Additional details 

Split pane configurations no longer supported 
Beginning February 20, 2020, for Rapid release domains and March 5, 2020, for Scheduled release domains, multiple inboxes with preview pane (to be renamed “reading pane”) configurations will no longer be supported.

If you currently have multiple inboxes in an unsupported configuration, you will see a notification in Gmail informing you of this upcoming change. Once this change takes effect, the preview pane will turn off if you use multiple inboxes. If you want to continue using preview pane (i.e. reading pane), you’ll need to use an inbox type other than multiple inboxes. You can do this by going to Settings > Inbox > Inbox type.


Notification banner in Gmail

Inbox type settings in Gmail

Configure multiple inboxes and reading pane more easily
On these dates, we’ll also relocate the settings for multiple inboxes out of the “Advanced” tab and into the “Inbox” tab along with other inbox configurations to better align with user expectations.




Once these changes go into effect, you’ll be able to enable or disable the reading pane by clicking the gear icon and selecting Settings > Inbox > Reading pane. With reading pane view, you can open mail next to your list of conversations, making mail reading and writing faster while also providing more context. 


Reading pane settings in Gmail


Individual scroll bars for multiple inboxes, adjustable panels, and collapsible sections
Starting on these dates, when the right side configuration of multiple inboxes is enabled, each inbox will have an individual scroll bar. This will allow you to scroll in either inbox separately as needed so you can more flexibly navigate your email. Previously, you could only scroll both inboxes at once.

The divider at the right side between the inbox and the multiple inbox sections will become adjustable, allowing you to minimize or maximize each panel as needed. 

Also with this update, additional sections in multiple inboxes are now collapsible. 





A single action toolbar for multiple inboxes
There will also be one action toolbar across multiple inboxes. This will allow users to take actions across multiple sections and ensure that triage functionality and keyboard shortcuts work consistently. Currently, at the top of each inbox, there is a separate toolbar for each section in the bottom and top configurations, but no toolbar for any of the additional sections for the right-side configuration. Now, there will be one unified toolbar for the whole inbox in all configurations.

Getting started

Admins: There is no admin control for these features.

End users: Once these changes begin rolling out to your domain, the preview pane will turn off if you use multiple inboxes. If you want to continue using the preview pane, you’ll need to use an inbox type other than multiple inboxes. You can do this by going to Settings > Inbox > Inbox type.
Individual scroll bars, adjustable panels, collapsible sections within multiple inboxes, and the single action toolbar will be available by default.

Rollout pace


Availability

  • Available to all G Suite customers and users with personal Google Accounts


G Suite Add-ons now generally available in Calendar, Gmail, and Google Drive

What’s changing 

Last year we announced the beta of G Suite Add-ons, a new cross-suite platform that connects G Suite to your favorite workplace apps. Beginning today, G Suite Add-ons will begin rolling out to all users.

With G Suite Add-ons, workflows that require third-party applications can be executed inside G Suite, allowing users and teams to use the applications they want without leaving G Suite. For example, you can install the Workfront add-on for quick access across Calendar, Gmail, and Google Drive.

Installing the Workfront add-on directly from Calendar


Access G Suite Add-ons from the side panel of Calendar, Google Drive, and Gmail

Take action without leaving G Suite


Who’s impacted

Admins and end users

Why it’s important

G Suite Add-ons connect G Suite with third-party applications so you can work directly from the G Suite app you’re using, rather than toggling from one app to another. They also surface relevant information and suggest actions based on what you’re working on. 

Add-ons from SignEasy, WebEx, Workfront, Lucidchart and more will be available once this feature has fully rolled out and can be installed from the G Suite Marketplace

Organizations can also build their own add-ons using Apps Script. Note that the developer feature will be fully available in early February — we’ll provide an update here once it’s fully rolled out.


Additional Details

G Suite Add-ons will work across G Suite products, allowing developers to create a single add-on that works across G Suite, rather than building a separate add-on for each application within G Suite. 

G Suite Add-ons are currently accessible in Calendar, Gmail, and Google Drive, with support for other G Suite products coming later this year.

Getting started

  • Admins: This feature will be available by default. If you allow users to install only whitelisted applications from the G Suite Marketplace, you can specify those apps within the Admin console. Or, you can install chosen G Suite Add-ons for your entire domain via the listing in the G Suite Marketplace.
  • End users: This feature will be available by default. You’ll be able to install G Suite Add-ons using the “+” button in the G Suite quick access side panel. The add-ons you install will appear in the side panel across G Suite apps.

Rollout pace

Resources

Roadmap

New controls for displaying sender attribution for shared mailboxes

What’s changing 

We’re adding new controls for how the “Sender Attribution for Shared Mailboxes” is displayed. Currently, sender attribution is always enabled — this will remain the default setting unless disabled by the admin or the end user.

For end users, there’s a new setting in Gmail where you can specify what information is included in the email header of messages sent by delegates.

For admins, there’s a new setting in the admin console that allows you to hide all attribution for shared mailboxes in your domain or organizational unit (OU). This will override and disable the user setting in Gmail.

Who’s impacted

Admins and end users


Why you’d use it 

Organizations use shared mailboxes in Gmail in multiple ways. For example, if an executive admin is responding on behalf of a CEO, from the CEO’s mailbox, sender attribution makes it clear who specifically drafted and sent the email.

Or, if you use an [email protected] mailbox to communicate with customers, customers will view all responses as equally valid, without knowing whether they were sent by [email protected], or [email protected]

With these new settings, you can now control and customize how attribution is handled for your domain, by OU, or on an individual user level.

Getting started 

Admins: Sender attribution is on by default and can be disabled at the OU or domain level. The new setting can be found in the Admin console under Apps > G Suite > Gmail > User settings > Mail Delegation. Note that the default setting will be “Allow users to customize this setting” and “Show the account owner and delegate who sent the email.”

Settings for Mail Delegation in the Admin console

End users: Sender attribution is ON by default. You can view and set sender attribution parameters by going to Settings > Account > Grant access to your account in Gmail. If your admin has hidden sender attribution for your domain or OU, no action can be taken.

End user settings for sender attribution in Gmail


If disabled at the OU or domain level, end users can take no action in Gmail

Rollout pace


Availability

  • Available to all G Suite customers

Resources