type.inbound
and (
// subject contains recipient's org name
any(recipients.to,
strings.icontains(subject.subject, .email.domain.sld)
and regex.imatch(.email.domain.sld, '.{2,}')
)
or
// body extracts org name matching recipient domain
any(regex.extract(body.current_thread.text,
'(?P<org>[a-zA-Z]{2,20})\s(?:recently\s)?came to our attention'
),
any(recipients.to,
strings.icontains(.email.domain.domain, ..named_groups["org"])
)
)
)
and any(headers.reply_to,
.email.domain.root_domain != sender.email.domain.root_domain
)
// greeting uses recipient's email local_part
and any(recipients.to,
(
strings.icontains(body.current_thread.text,
strings.concat("Dear ", .email.local_part)
)
or any(regex.extract(.email.local_part, '^(?P<first>[^._]+)'),
strings.icontains(body.current_thread.text,
strings.concat("Dear ",
.named_groups["first"]
)
)
)
)
)
// financial/investment cold outreach language
and (
2 of (
strings.icontains(body.current_thread.text, "alternative investments"),
strings.icontains(body.current_thread.text, "raising capital"),
strings.icontains(body.current_thread.text, "came to our attention"),
strings.icontains(body.current_thread.text, "private markets"),
strings.icontains(body.current_thread.text, "fundraising"),
strings.icontains(body.current_thread.text, "investment opportunities"),
strings.icontains(body.current_thread.text, "introductory"),
strings.icontains(body.current_thread.text, "commitment size"),
strings.icontains(body.current_thread.text, "ultra-high-net-worth"),
strings.icontains(body.current_thread.text, "deployed capital"),
strings.icontains(body.current_thread.text, "value creation"),
strings.icontains(body.current_thread.text, "capital planning")
)
or (
any(ml.nlu_classifier(body.current_thread.text).topics,
.name == "Financial Communications"
)
and any(ml.nlu_classifier(body.current_thread.text).topics,
.name == "Out of Band Pivot"
)
and any(ml.nlu_classifier(body.current_thread.text).topics,
.name == "B2B Cold Outreach"
)
)
)
Playground
Test against your own EMLs or sample data.