top of page
Search

Sublime Just Got Even Smarter: Automatic Calendar Event Deletion Is Here

  • Oct 31
  • 3 min read
ree

If you’ve been following me for a while, you already know how much I love Sublime. It’s one of those tools that just keeps getting better — feature after feature, update after update — all with one goal:

making email security effortless.

And today, they’ve released something that’s honestly a game changer.



The Hidden Threat: Malicious Calendar Invites

We’ve all seen those sketchy calendar invites — you know, the ones that magically appear on your calendar even though you never accepted them. Sometimes they’re phishing attempts. Sometimes they’re just spam. Either way, they’re becoming a growing problem across both Google Workspace and Microsoft 365.

Attackers have learned that not every threat has to come through your inbox. Many organizations still allow automatic calendar event additions, and that’s where trouble starts. A single malicious invite can trick users into clicking phishing links or even expose them to malware.

That’s why this new Sublime feature is such a big deal.

-------------------------------------------------------------------------------------------------------------

What’s New: Automatic Calendar Event Deletion

Sublime’s new Automatic Calendar Event Deletion feature can now automatically delete malicious or unwanted calendar events whenever you:

  • Quarantine a message,

  • Move it to spam, or

  • Send it to the trash.

    ree
In short, if a bad email comes in with a sneaky calendar invite attached — Sublime wipes that calendar entry for you.

That’s brilliant. One less attack vector to worry about.



-------------------------------------------------------------------------------------------------------------

Why It’s So Useful

Think about this:

You receive a spam or phishing email that includes a calendar invite. Even if you delete the email, that event might still sit on your calendar, waiting for someone to click it later.

Now, Sublime closes that gap completely. When you remove or quarantine the email, the related calendar event goes with it.

This is exactly the kind of intelligent automation that saves time and improves security posture at the same time.



-------------------------------------------------------------------------------------------------------------

How to Join the Public Beta

This feature is currently in public beta, and getting it enabled is pretty simple. You just need to update the Sublime app permissions to include Calendar access, then notify the Sublime team.

(I’ll update this once it goes live — currently, it’s in beta mode.)

Here’s a quick breakdown based on your setup:


For Google Workspace (Cloud-Managed)

  1. Log in to your admin console: https://admin.google.com

  2. Go to Security → Access and Data Control → API Controls

  3. Scroll down to Domain-wide delegation and click Manage domain-wide delegation

  4. Click Add new

  5. Enter the Client ID: 112905660299333414135

  6. Add this scope:

    https://www.googleapis.com/auth/calendar.events

  7. Wait up to 24 hours for the changes to apply


For Google Workspace (Self-Managed)

  1. Add the Calendar API scope to your existing domain-wide delegation client

  2. Enable the Google Calendar API in your project

  3. Wait up to 24 hours for propagation



For Microsoft 365 (Cloud-Managed)

  1. Visit your organization-specific authorization link

  2. Approve the consent request that includes “Read and write calendars

  3. You’ll be redirected back to Sublime’s homepage

  4. Wait up to 24 hours for it to take effect



For Microsoft 365 (Self-Managed)

  1. Add the Calendars.ReadWrite permission to your Azure AD app

  2. Grant admin consent

  3. Allow up to 24 hours for changes


Once you’re done, just let the Sublime team know so they can enable the feature in your environment. That’s it — no further configuration needed.


(Note: Restoring deleted calendar events isn’t supported yet, but they’ve confirmed it’s coming soon. For now, users can re-RSVP to a restored message to re-add the event.)


-------------------------------------------------------------------------------------------------------------

Bonus Tips: Strengthen Your Calendar Security

While Sublime’s update adds a huge layer of protection, there are still a few best practices every organization should follow.


For Google Workspace:

  • Go to Apps → Google Workspace → Calendar → Advanced Settings

  • Under “Add invitations to my calendar”, choose one of:

    • “Invitations from known senders,” or

    • “Invitations users have responded to via email.”

This prevents random senders from silently placing meetings on your calendar.


For Microsoft 365:

Use PowerShell to stop your system from auto-accepting events. Run:

Set-CalendarProcessing -Identity <User> -AutomateProcessing None

This disables the “Calendar Attendant” that automatically processes invites — giving you more control.


-------------------------------------------------------------------------------------------------------------

My Take:

Honestly, this update just shows how Sublime really listens to real-world threats. Attackers keep finding new ways to sneak in — even through calendars — and Sublime is always one step ahead.


Automatic Calendar Event Deletion might sound like a small addition, but in practice, it can save analysts hours of investigation time and prevent users from walking right into phishing traps.

I’ve said it before and I’ll say it again — this is why I love Sublime.If you’re managing email security, you should definitely check this feature out.

-------------------------------------------------------------------------------------------------------------

Final Thought

Cybersecurity isn’t just about blocking emails anymore. It’s about protecting every single touchpoint — even your calendar. And with this new feature, Sublime just made that a whole lot easier.


-------------------------------------------------Dean---------------------------------------------------

 
 
 

Comments

bottom of page