After some searching and reading the documentation I came across this commit. I tried it in Gerrit 2.7-rc1 and it worked.
Your gerrit config should contain the following:
[auth]
type = OPENID
trustedOpenID = https://www.google.com/accounts/o8/id?id=
openIdDomain = @mysite.com
This permits me to log in using with any OpenID enabled email address in the domain mysite.com and prohibits others. Note that the '@' has to be there it doesn't work without it. ;-)
Additionally if you only want to allow Google as an OpenID provider you may want to set the following to skip the selection of OpenID providers:
[auth]
type = OPENID_SSO
openIdDomain = @mysite.com
openIdSsoUrl = https://www.google.com/accounts/o8/id
Documentation for Gerrit 2.6 also contains this information.