type.inbound
and (
regex.imatch(sender.display_name, '\bblockchain\b')
or strings.ilevenshtein(sender.display_name, 'blockchain') <= 1
or strings.ilike(sender.email.domain.domain, '*blockchain.com*')
or any(body.links,
strings.ilevenshtein(.href_url.domain.root_domain, 'blockchain') == 1
)
)
and not any(ml.nlu_classifier(body.current_thread.text).topics,
.name in ("Educational and Research", "Advertising and Promotions")
and .confidence == "high"
)
and not (
sender.email.domain.root_domain in~ (
'blockchain.com',
'wxblockchain.com',
'ai-blockchain.com',
'envisionblockchain.com'
)
and coalesce(headers.auth_summary.dmarc.pass, false)
)
and not profile.by_sender_email().solicited
Playground
Test against your own EMLs or sample data.