Gmail Integration

Scan Gmail messages and attachments for policy violations.

Overview

The Gmail integration connects Aguardic to your Google Workspace email via OAuth. Aguardic monitors incoming and outgoing emails, evaluating message content and attachments against your policies and enforcing actions through Gmail labels and quarantine.

Setup

1. Connect via OAuth

Go to Integrations > Add Integration > Gmail in the Aguardic dashboard and click Connect. You'll be redirected to Google to authorize Aguardic with the required Gmail API permissions.

The Gmail integration requires Google Workspace (business) accounts. Personal Gmail accounts have limited API access.

2. Bind policies

After connecting, go to Policy Bindings and map your policies to the Gmail integration. You can create separate policies for inbound and outbound email.

3. Configure enforcement

Choose how Aguardic enforces policy results on Gmail:

  • BLOCK: Moves the email to the "Aguardic Quarantine" label and applies the "Aguardic Violation" label, removing it from the inbox
  • WARN: Applies the "Aguardic Warning" label to the email, keeping it in the inbox
  • MONITOR_ONLY: No visible action in Gmail; violations are logged in Aguardic only

How It Works

1. Email sent or received

An email is sent or received.

2. Push notification

Google sends a push notification to Aguardic via webhook.

3. Fetch email data

Aguardic fetches the email content, metadata, and attachments.

4. Policy evaluation

The governance engine evaluates the email against bound policies.

5. Enforce policies

Labels are applied or the email is quarantined based on the enforcement mode.

Aguardic automatically creates the "Aguardic Quarantine" and "Aguardic Violation" labels in your Gmail account when the first violation is detected.

What Gets Evaluated

  • Email subject: Check for sensitive keywords or naming patterns
  • Email body: Scan content for PII, confidential data, or policy violations
  • Attachments: File names, types, and content of attached files
  • Sender and recipients: Email addresses of all parties
  • Direction: Whether the email is inbound or outbound

Example Policies

Outbound PII Detection

Prevent sensitive personal data from being sent externally:

  • Field: body
  • Operator: MATCHES
  • Value: (\b\d{3}-\d{2}-\d{4}\b|\b\d{9}\b) (SSN patterns)
  • Severity: CRITICAL

Attachment Scanning

Block emails with potentially dangerous attachment types:

  • Field: attachments
  • Operator: MATCHES
  • Value: \.(exe|bat|cmd|ps1|vbs|js)$
  • Severity: HIGH

Unauthorized External Communication

Flag emails sent to non-approved external domains:

  • Field: recipients
  • Operator: NOT_IN
  • Value: @yourcompany.com,@approved-vendor.com
  • Severity: MEDIUM
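
The three example policies above, run against constructed sample emails to check what the patterns catch before binding them. This is an added example, not Aguardic code: the `violates` and `evaluate` helpers are hypothetical, and the operator semantics (MATCHES as an unanchored, case-sensitive regex search; NOT_IN as a domain-suffix check) are assumptions, since this page does not define them.

```python
import re

# The three example policies from this page, as plain data.
POLICIES = [
    {"name": "Outbound PII Detection", "field": "body", "op": "MATCHES",
     "value": r"(\b\d{3}-\d{2}-\d{4}\b|\b\d{9}\b)", "severity": "CRITICAL"},
    {"name": "Attachment Scanning", "field": "attachments", "op": "MATCHES",
     "value": r"\.(exe|bat|cmd|ps1|vbs|js)$", "severity": "HIGH"},
    {"name": "Unauthorized External Communication", "field": "recipients",
     "op": "NOT_IN", "value": "@yourcompany.com,@approved-vendor.com",
     "severity": "MEDIUM"},
]

def violates(policy, email):
    # Assumed semantics (not taken from Aguardic): MATCHES is an unanchored,
    # case-sensitive regex search; NOT_IN fires when an address ends with
    # none of the comma-separated domain suffixes.
    values = email[policy["field"]]
    if isinstance(values, str):
        values = [values]
    if policy["op"] == "MATCHES":
        rx = re.compile(policy["value"])
        return any(rx.search(v) for v in values)
    if policy["op"] == "NOT_IN":
        allowed = tuple(s.strip().lower() for s in policy["value"].split(","))
        return any(not v.lower().endswith(allowed) for v in values)
    raise ValueError(f"unsupported operator: {policy['op']}")

def evaluate(email):
    """Names of the policies an email violates, in policy order."""
    return [p["name"] for p in POLICIES if violates(p, email)]

# Constructed sample emails (not real traffic).
SAMPLES = {
    "ssn_to_vendor": {"body": "Employee SSN is 123-45-6789.",
                      "attachments": ["w2.pdf"],
                      "recipients": ["hr@approved-vendor.com"]},
    "order_number": {"body": "Your order 482913004 has shipped.",
                     "attachments": [], "recipients": ["a@yourcompany.com"]},
    "upper_ext": {"body": "See attached.", "attachments": ["SETUP.EXE"],
                  "recipients": ["b@yourcompany.com"]},
    "external": {"body": "Lunch?", "attachments": ["menu.js"],
                 "recipients": ["c@yourcompany.com", "d@example.org"]},
}

if __name__ == "__main__":
    for name, email in SAMPLES.items():
        print(f"{name:14} -> {evaluate(email)}")
```

Under these assumptions the nine-digit order number trips the SSN rule and `SETUP.EXE` does not trip the attachment rule, so both cases are worth confirming in MONITOR_ONLY mode before switching a policy to BLOCK.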
