Sophos XG Firewall: How to block web mail except for a custom Google domain


  • This article explains how to block all web mail except for a certain Google domain. Users will no longer be able to access their private email accounts and can only log onto a Gmail for a custom domain.

Create a URL group

  • Login web admin console by your account.
  • Go to Web -> ULR Groups and click Add.
  • Create a URL group called Gmail that includes the following domains:

  • Click Save.

Allow custom Google Domain

  • Go to Web -> Policies and click Add to create Web Policy.
  • Enter No Web Mail in Name field.
  • Click Add Rule to place a new rule above the No Web Mail rule.
  • Edit the rule to add the Gmail URL Group and set allow.
  • Make sure the toggle next to both rules is turned to the on position (see screenshot below).
  • Open up Advenced Setting.
  • Enable Restrict login domains for Google Apps by checking the box.
  • Enter webmail address that you will block in Allowed domain.

How to block web mail

  • Go to Firewall -> Add Firewall Rule or edit an existing one.
  • Create the firewall rule as shown below.

Be the first to comment

Leave a Reply

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.