Jump to Content

Documentation API Reference

Documentation

Documentation API Reference

Overview

Introduction

Set up Sublime

Deploy Sublime
Add a message source
Enable user-reported phishing

Usage Guide

Message types
Message groups
MQL Detection Rules
Automations
- Auto-respond to User Reports
Actions
Lists
- Configure the org_vips list
Exclusions
Attack Score
Role-Based Access Control (RBAC)
Message Access Controls
Export to S3
- Export Message MDMs
- Export Audit Logs and Message Events
ASA: Autonomous Security Analyst

Reference

Message Data Model (MDM)
Message Query Language (MQL)

How-to Guides

How to set up a custom domain
How to set up single sign-on (SSO)
How to manage users with SCIM
How to Integrate Email Threat Intel with a TIP
Recommended Automations

How-to MQL Guides

How to detect keywords or phrases in the body content of messages
How to detect lookalike domains
How to detect text in attachments
How to use message header values in a rule
How to detect manual outbound forwards

Enable user-reported phishing

Sublime can automatically track the messages your users report as phishing through multiple reporting mechanisms.

Updated 3 months ago

What’s Next

Add your abuse mailbox
Gmail's "Report phishing" feature
Microsoft 365's Native “Report phishing” feature