Restrict Inbound Mail to G Suite Not Originating From Hosted Email Security

This article aims to provide a comprehensive explanation of the necessary steps to restrict inbound emails to G Suite that do not originate from hosted email security. The following steps will lock down G Suite to accept emails only from SonicWall Hosted Email Security (HES).

1. Log into the G Suite admin portal and select the General Settings tab on the Advanced Settings page.
2. Scroll down to the Spam section, hover over the Inbound gateway setting, and click Configure.
3. Enter a description to represent the rule and click Add in the Gateway IPs section.
   
4. Add the IP ranges found in the HES FAQ or in Hosted Email Security IP Addresses and click Save.

NOTE: The diagrams and written content within the images are provided for illustrative purposes only. Each range of IPs will need to be entered separately. 

Once the IP ranges are added, check the box next to Reject all mail not from gateway IPs and click Add Setting. 

NOTE: The diagrams and written content within the images are provided for illustrative purposes only.

G Suite is now configured to accept only mail sent from SonicWall Hosted Email Security.
NOTE: The diagrams and written content within the images are provided for illustrative purposes only.
TIP: It is recommended to disable Spam Filtering in G Suite as HES will act as the spam filter. For steps to disable Spam Filtering in G Suite, click here.