Sublime Rules is an open-source repository containing detection rules for the Sublime Security platform. The repository provides rules designed to identify and prevent various email-based attacks including business email compromise (BEC), credential phishing, and malware delivery. The repository is organized into multiple categories including detection rules, discovery rules, DLP discovery rules, automations, insights, and YARA rules. It includes specific detection capabilities for HTML smuggling, VIP and executive impersonation, malicious OneNote files, malicious LNK files, and encrypted zip attachments. The rules are written using Message Query Language (MQL), a query language specific to the Sublime platform for analyzing email messages. The repository contains over 3,000 commits and has contributions from 71 contributors, indicating active development and community involvement. The project is released under the MIT license, making it freely available for use and modification. The repository includes sample email files (EMLs), tutorial files, and scripts to support rule development and testing. Community members have also created additional rule feeds that complement the main repository.