type.inbound
// self sender or invaild recipent domain
and length(recipients.to) == 1
and (
sender.email.email == recipients.to[0].email.email
or recipients.to[0].email.domain.valid == false
)
and 0 < length(body.current_thread.links) < 10
and any(body.current_thread.links,
.href_url.domain.root_domain != 'bidsandtenders.ca'
and any(ml.link_analysis(.).unique_urls_accessed,
.domain.domain == 'bids.bidsandtenders.ca'
and strings.icontains(.path, '/Logo/')
)
)
Playground
Test against your own EMLs or sample data.