How to stop getting Google document requests to edit from users outside your organisation from publicly viewable files.

Gmail request for access filter

G Suite – Paid editions, Gmail, Google Sheets, Google Docs, Google Slides, Google Drive

Recently, I had updated all the course materials in a learning management system (Not Google Classroom. Sorry Google) to only use G Suite files like Docs, Sheets and Slides for students to access.

For me, this was a pretty logical step. It allowed course creators to update their files live when they had to correct errors or make minor changes quarter-to-quarter or year-to-year. Administratively, it meant that files did not have to be accounted for, deleted and updated every time a change was made.

The Problem

While time-consuming, the changeover went well as we changed all of the student resources into Google files. We set all the files to be accessible to anyone with the link can view (The organization does not have student accounts on the same domain as the staff).

Google sharing settings

However, in the back of my mind, there was a problem I knew I needed to address. The dreaded request for access to edit. With over 3,500 students on the program and hundreds of files for them to access, it would be a huge pain if some of these students clicked that view and requested edit access.

Google Docs View Only - Request Edit Access

There is no way to prevent users from not being able to do this within the document’s share options. Likewise, my organisation may want to allow requests inside the domain (for example name@yagisanatode.com is okay, but name@gmail.com is not).

The Solution – Gmail Filters

In the end, the solution turned out to be pretty simple. Gmail has the ability to filter incoming emails with certain subject lines, content and much more. Using these filter conditions you can create rules from them. You can delete them entirely, archive them immediately, add labels to the email and much more.

For us, we simply wanted to delete emails from users outside our organisation that were requesting edit access to our documents.

Here is how we did it.

Note! Remember this particular example is for the paid G Suite account with your own custom domain.

Step 1:

First, log in to your Gmail. Click the settings cog, top right, and select Settings.

Gmail Settings

Step 2:

Across the top menu, you will see the Filters and blocked addresses tab. Click it.

Gmail- Filters and blocked addresses

Step 3:

Select Create a new filter.

Gmail - Create new filter

Step 4:

A popup window will appear.

We are going to edit the Includes the words field.

When you receive a request from a user outside your domain you will generally get a message in the body of the email like this:

name@gmail.com is requesting access to the following document:

G Suite request for access email

We don’t want to see any email requests with the @gmail.com. So lets copy and paste the text “@gmail.com is requesting access” into our Includes the words text field.

Then go ahead and click continue.

Gmail filter restrictions

Step 5:

After you hit continue a new window will appear that will allow you to decide on your rules or what you want to do based on the conditions you created in the previous window.

For us, we will select:

  1. Mark as read
  2. Delete it
  3. Never mark as important

1 and 3 are a little redundant because it will be deleted, but I like to be thorough.

Gmail filter rules

You may not want to delete the requests, however. Instead, you may wish to keep the request, but just don’t want to see them. So instead of selecting the Delete it option, select the Skip the Inbox (Archive it) option.

Select Update filter and you are all done. The next request access to edit email from a @gmail.com account that comes in will be automatically deleted and it will no longer be spamming your Inbox.

Conclusion

This is a simple solution to not getting spammed by requests for edit access from users outside of your organisation’s domain. You may still get the occasional email from a Gmail for Business account that is not in your domain, but these will be rare enough for you to warrant some interest and will certainly not be your students.

One downside that I would have like to have is to be able to use the Canned response option to give students instructions. However, when you use the delete it option you cannot use it. Also, when you chose to archive, it sends it to an intermediary email that is tied up with Google drive and not directly to the user. It’s a pain, but not a big issue.

In the end, I am pretty happy with the solution. It works with all files and documents with this permission type, which saves creating rules for each file shared. It’ll also be pretty easy to teach to staff.

~Yagi.

Leave a Reply