Introduction

We’ve added protection for malicious calendar invites. To enable this feature, the Sublime app requires updated permission that includes Calendar. This allows Sublime to detect and remediate harmful calendar events and aligns with the same security and privacy posture as your current setup.

How it works

Delete Calendar Events Action works with Quarantine, Trash, or Move to Spam Actions.

Any calendar events associated with a message are also removed when one of the three Actions is applied. When a message is restored, its associated calendar events are recreated as placeholder events.

These placeholder events direct the end user to the original invite for full details and RSVP, ensuring they always reference the most up-to-date event information.

Placeholder events do not include the original invitees or organizer. This prevents duplicate or outdated events from being sent to attendees or conflicting with changes made to the original meeting.

Setup

Cloud-managed Google Workspace

1. Sign into the Google Workspace admin interface at https://admin.google.com
2. In the lefthand sidebar, click Apps → Google Workspace Marketplace apps → Apps list
3. Click on Sublime Platform in the list of domain installed apps
4. Grant access
5. Allow up to 24 hours for changes to propagate

Self-managed Google Workspace

1. Add the Calendar API scope to the domain-wide delegation client you're using with Sublime: https://www.googleapis.com/auth/calendar.events
2. Enable the Google Calendar API in your project
3. Allow up to 24 hours for changes to propagate

Cloud-managed Microsoft 365

1. Visit your organization‑specific authorization link to start the Microsoft consent flow. You can access the link by going into your Azure Portal https://portal.azure.com/#home → Enterprise Applications → Sublime → Permissions under Security → Click "Grant admin consent for [Company]"
   1. Or you can also access by going into your Azure Portal -> App Registrations → Sublime → Manage → API Permissions → Click "Grant admin consent for [Company]"
2. Accept the request that now includes “Read and write calendars”
3. Allow up to 24 hours for changes to propagate

Self-managed Microsoft 365

1. Add the application permission Calendars.ReadWrite to your Azure AD app
2. Grant admin consent
3. Allow up to 24 hours for changes to propagate

That's it!

Tips for further securing your Google calendar

Depending on how Google Workspace is configured, attackers may be able to add meetings to calendars without sending an email. To prevent these “silent” invitations, you can change the following org-wide settings. In Google Workspace Admin Console, go to Apps → Google Workspace → Calendar → Advanced settings. Set Add invitations to my calendar to “Invitations from known senders” or “Invitations users have responded to via email”.

As of publication, we have not verified a similar mitigation strategy for Microsoft 365.