Jump to Content

Documentation API Reference

Documentation

Documentation API Reference

Getting Started

Introduction
Installation
Add a message source
User-reported phishing
MQL Rules
- Detection Rules
- Automations
Actions
Rule Feeds
- Private rule feed authentication
- Rules file format (YAML)
Lists
- Configure the org_vips list
Exclusions
YARA
Attack Surface Reduction

Reference

Message Data Model (MDM)
Message Query Language (MQL)
Message groups
Message types
Role-Based Access Control (RBAC)
Message Access Controls
Rule Severity
Attack Score
Export to S3
- Export Message MDMs
- Export Audit Logs and Message Events

How-to Guides

How to set up a custom domain
How to set up single sign-on (SSO)
How to manage users with SCIM

How-to MQL Guides

How to detect keywords or phrases in the body content of messages
How to detect lookalike domains
How to detect text in attachments
How to use message header values in a rule
How to detect manual outbound forwards

User-reported phishing

Sublime can automatically track the messages your users report as phishing through multiple reporting mechanisms.

Updated almost 3 years ago

What’s Next

Add your abuse mailbox
Gmail's "Report phishing" feature