Need to filter ALL email

[StoneyCreeker]

I think I found a better regex syntax.
After the TLD we are trying to block we are using [^a-zA-Z0-9_] which says:

[^a-zA-Z0-9_] match a single character not present in the list below
a-z a single character in the range between a and z (case sensitive)
A-Z a single character in the range between A and Z (case sensitive)
0-9 a single character in the range between 0 and 9
_ the literal character _

I added a period after the caret ^ and it changed it to mean:

[^.a-zA-Z0-9_] match a single character not present in the list below
. the literal character .
a-z a single character in the range between a and z (case sensitive)
A-Z a single character in the range between A and Z (case sensitive)
0-9 a single character in the range between 0 and 9
_ the literal character _

So now the string "[email protected]" is not a valid match but "[email protected]" is caught.

I will test this on a few of the more popular "false positive domains" and let you know what happens.

I tested it at regex101.com using the javascript tester. All I used in the Regular Expression was "[email protected]+\.lawyer[^.a-zA-Z0-9_]" (no quotes) against the test string "[email protected]" and "[email protected]" (no quotes)

Hope this helps

 

[StoneyCreeker]

I have been watching my spam mail account for false positives after including the huge list of new TLD's and have hashed out a few of the blocked TLD's in your list because they are in use by reputable sources as well as spammers.

.cc is being used by many legitimate entities such as my local sheriff's dept, sheriff.cc. I live in Carter County so they thought it was appropriate. Also I found .name and .museum legitimate emails being blocked. And one of my clients is receiving mail from a .pro account. .us is also seeing many legitimate uses.

So to conclude:
That huge list of new TLD's is blocking many spams on my server but so far I have had to allow some as they are being used for legitimate uses.

I have allowed .cc, .name, .museum, .pro, and .us.
I believe in the future more people will start legitimately using these new TLD's and this rule set may need constant monitoring.

Hope this helps!

Maybe someone should start a new thread on this so we can help each other with this "new TLD" spam filtering method.

 

[ebizindia]

Can someone guide me why do we include '_'? I think this character cannot be a part of the email address. Please correct me if I am wrong.

Also, we need to add '-' as we may have @lawyer-dallas.com as a valid address.

 

[patchwork]

Could the filter be modified to only delete emails marked as "Spam" and from those TLD's, or does the spam assassin scoring come after this filter.

Most of my bad TLD email is marked as spam, but I don't want to delete everything marked as spam as some genuine emails are sometimes marked incorrectly.

 

[crazyaboutlinux]

HI

I want to block some top level domain to avoid getting emails from them, cPanelMichael has provided below code at Need to filter ALL email, i think its best for my requirement but have one query can we modify this code want to replace "contains" to "ends with" is it good ??

and more thing can we add multiple .TLDs by adding commas eg. ".pw",".pk",".ru" is it good ??

if first_delivery
and ("$h_to:, $h_cc:" contains ".pw")
or ("$h_from:" contains ".pw")
then
seen finish
endif

modified code

if first_delivery
and ("$h_to:, $h_cc:" ends with".pw",".pk",".ru")
or ("$h_from:" ends with ".pw",".pk",".ru")
then
seen finish
endif

 

[cPanelMichael]

I want to block some top level domain to avoid getting emails from them, cPanelMichael has provided below code at Need to filter ALL email, i think its best for my requirement but have one query can we modify this code want to replace "contains" to "ends with" is it good ??

and more thing can we add multiple .TLDs by adding commas eg. ".pw",".pk",".ru" is it good ??

Hello,

You should use a regular expression instead of a comma if you want to block multiple TLDs on the same line. It looks like users are reporting more success with "contains" instead of "ends with". There are several examples on this thread that users have reported success with. You may want to try those out and tweak the rules as needed.

Thank you.

 

[malkinstrecker]

ooking for help blocking spam coming from the lesser TLDs
BUt I want to be able to let customers CHOOSE To implement the block from within Cpanel

 

[cPanelMichael]

ooking for help blocking spam coming from the lesser TLDs
BUt I want to be able to let customers CHOOSE To implement the block from within Cpanel

This would require a custom plugin or a new feature developed by cPanel. You can open a feature request via:

Submit A Feature Request

Thank you.

 

[asmithjr]

error in exim_mainlog after implementing custom filter. I placed this in cpanel_exim_system_filter_custom

if first_delivery
and ("$h_to:, $h_cc:" ends with ".club")
or ("$h_from:" ends with ".club")
then
logwrite "$tod_log $h_from $h_to $h_subject (it ends with)"
seen finish
endif

per the examples in many threads. In my exim_mainlog I see this error

2016-08-16 09:46:35 1bZehA-0005sC-1j Error in system filter: "and" or "or"
or ")" expected near line 266 of filter file, but found "".club")"

I cannot find anything to help me solve this. Anyone have the solution.

 

[asmithjr]

ok I see I had ends with in this example and it needs to be ends without the with. I modified and still have the error.

 

[StoneyCreeker]

To block ".club" I use:

if first_delivery
  and ("$h_from:" matches "[email protected]+\\\\.club[^.a-zA-Z0-9_]")
  or ("$h_to:" matches "[email protected]+\\\\.club[^a-zA-Z0-9_]")
  or ("$h_cc:" matches "[email protected]+\\\\.club[^a-zA-Z0-9_]")
then

 

[syphic]

Just use ends instead of contains. Its in the exim filter documentation.

if first_delivery
and ("$h_to:, $h_cc:" ends ".tld")
or ("$h_from:" ends ".tld")
then
seen finish
endif
~

 

[cybervision]

Now I am using this syntax and it is working great!
It blocks 500 to 2000 every day and after 3 days of watching the [email protected] account carefully, I have not seen 1 false positive yet from this one. Warning!! It might cause them for you. Please watch the results carefully.

# Block Newfangled Domains
if first_delivery
and (
 ("$h_from:" matches " [email protected]+\.space[^a-zA-Z0-9_]")
 or ("$h_from:" matches " [email protected]+\.work[^a-zA-Z0-9_]")
 or ("$h_from:" matches " [email protected]+\.click[^a-zA-Z0-9_]")
 or ("$h_from:" matches " [email protected]+\.link[^a-zA-Z0-9_]")
 or ("$h_from:" matches " [email protected]+\.rocks[^a-zA-Z0-9_]")
 or ("$h_from:" matches " [email protected]+\.science[^a-zA-Z0-9_]")
 )
 then
 headers add "SpamRule: EXIM FILTER Block Newfangled Domains (was: $h_subject:)"
 deliver "[email protected]>"
 seen finish
endif

After the rule runs it adds a new header to the email named "EXIM FILTER Block Newfangled Domains" to help me track this rule and it also adds the old subject afterwards starting with "was" to also help me identify the spam in process.

It then delivers it to one of my email accounts so I can check the results for false positives.

This rule set stops more spam than all 2613 lines I have written before I figured this one out.

I have it listed first in my list of rules right after the False Positive bypass rule set:

# These are custom bypass the rules rules due to false positives
if first_delivery
and
 (
 $h_from: contains "a1aexpressautoshipping.com"
 or $h_from: contains "amazon.com"
 or $h_from: contains "alltrails.com"
 or $h_from: contains "Advance Auto Parts"
 or $h_from: contains "ebay.com"
 or $h_from: contains "exim.org"
 or $h_from: contains "freakmail.de"
 or $h_subject: contains "Germkiller"
 or $h_subject: contains "instructables"
 or $h_from: contains "instructables"
 or $h_from: contains "[email protected]|[email protected]"
 or $h_from: contains "jpcycles"
 or $h_from: contains "mozilla.org"
 or $h_from: contains "patient-message.com"
 or $h_from: contains "pandora.com"
 or $h_subject: contains "shrinenet.org"
 or $h_from: contains "ted.com"
 or $h_from: contains "tigerdirect.com"
 or $h_subject: contains "WEATHER ALERT for TN"
 or $h_from: contains "messages.webmd.com"
 or $h_from: contains "@WindowsSecrets.com"
 or $h_subject: contains "Your Alerts from ZDNet"
 or $h_from: contains "ZDNet"
 or $h_from: contains "mail.synchronybank.com"
 or $h_from: contains "exim"
 or $h_from: contains "mxtoolbox"
 or $h_from: contains "webmd.com"
 or $h_from: contains "@americasautoauction.com"
 or $h_from: contains "[email protected]"
 or $h_subject: contains "Greensboro Auto"
 or $h_from: contains "Greensboro Auto"
 or $h_from: contains "photobucket"
 or $h_from: contains "[email protected]"
 or $h_from: contains "@swingbyswing.com"
 or $h_from: contains "toyota"
  or $h_from: contains "alstom.com"
 or $h_from: contains "booking.com"
 or $h_from: contains "@lge-ku.com"
 or $h_Subject: contains "LG\\&\\E"
 or $h_Subject: contains "and KU"
 or $h_from: contains "@gapac.com"
 or $h_from: contains "[email protected]"
 or $message_headers: contains "Bear Island"
 or $h_from: contains "@service.govdelivery.com"
 or ("$h_from:" matches " [email protected]+\.govdelivery.com")
 or $h_from: contains "centraldispatch"
 or $h_subject: contains "Hot Properties Alert"
 or $h_from: contains "rolledalloys"
 or $h_from: contains "naccchildlaw.org"
 or $h_from: contains "justia.com"
 or $h_from: contains "[email protected]"
 or $h_from: contains "spartan.com"
 or $h_from: contains "squareup.com"
 or $h_from: contains "state.tn.us"
 or $h_subject: contains "tn.gov"
 or $h_from: contains "tn.gov"
 or $h_from: contains ".gov"
 )
then
 finish
endif

I hope this helps others writing exim spam rules.

Stoney

Hi Stoney,

I'm new at posting to this forum. I've used your Exim Filter for Newfangled Domains for the last couple years and it works great!

I'm now noticed that a lot of spammers are now getting around this great filter by using alias domains like...

[email protected]
or
[email protected]

I've tried experimenting with the regex but I can't get it to work for the above examples. Would you be able to share a new set of regex for the above examples?

Thanks again as you've saved our clients with untold amount of spam.

 

[StoneyCreeker]

Hi Stoney,

I'm new at posting to this forum. I've used your Exim Filter for Newfangled Domains for the last couple years and it works great!

I'm now noticed that a lot of spammers are now getting around this great filter by using alias domains like...

[email protected]
or
[email protected]

I've tried experimenting with the regex but I can't get it to work for the above examples. Would you be able to share a new set of regex for the above examples?

Thanks again as you've saved our clients with untold amount of spam.

 

[StoneyCreeker]

Sorry I have not visited this thread in a while.
Here is my current list of blocked newfangled domains in a better syntax.
So far I am not getting any spam in your new style. ([email protected])
This is a very big list. PLEASE GO THROUGH IT TO SUIT YOUR NEEDS.
Use at your own risk. This code WILL PREVENT EMAIL DELIVERY FROM THESE DOMAINS!
Lines beginning with # are not read by EXIM.
You can see I have had to modify this list to suit my clients needs. Please do the same.
I recommend sending these to a frequently checked email address as in the last lines of this code to prevent false positives.
============================

# Block Newfangled Domain Spam
# THESE BLOCK MORE SPAM THAN ALL THE OTHER RULES COMBINED!

if first_delivery
and (
("$h_from:" matches "[email protected]+\\\\.bid[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.click[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ch[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cricket[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.asia[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ec[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.exercise[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.co.in[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gen.in[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.it[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.net.in[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.link[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ninja[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.review[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.rocks[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.science[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.space[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.top[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sa[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sk[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.uno[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.website[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.win[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.work[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.xyz[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.za[^.a-zA-Z0-9_]")

####or ("$h_from:" matches "[email protected]+\\\\.aaa[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.abb[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.abbott[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.abogado[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ac[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.academy[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.accenture[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.accountant[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.accountants[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.aco[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.active[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.actor[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ad[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ads[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.adult[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ae[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.aeg[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.aero[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.af[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.afl[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ag[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.agency[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ai[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.aig[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.airforce[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.airtel[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.al[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.allfinanz[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.alsace[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.am[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.amica[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.amsterdam[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.an[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.android[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ao[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.apartments[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.app[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.aq[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.aquarelle[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ar[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.archi[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.army[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.arpa[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.as[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.asia[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.associates[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.at[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.attorney[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.au[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.auction[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.audio[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.auto[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.autos[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.aw[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ax[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.axa[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.az[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.azure[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ba[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.band[^.a-zA-Z0-9_]")
### or ("$h_from:" matches "[email protected]+\\\\.bank[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bar[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.barcelona[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.barclaycard[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.barclays[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bargains[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bauhaus[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bayern[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bb[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bbc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bbva[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bcn[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bd[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.be[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.beer[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bentley[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.berlin[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.best[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bet[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bf[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bg[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bh[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bharti[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bi[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bible[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bid[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bike[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bing[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bingo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bio[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bj[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bl[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.black[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.blackfriday[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bloomberg[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.blue[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bm[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bmw[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bn[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bnl[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bnpparibas[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.boats[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bond[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.boo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.boots[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.boutique[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bq[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.br[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bradesco[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bridgestone[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.broker[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.brother[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.brussels[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bs[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bt[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.budapest[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.build[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.builders[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.business[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.buzz[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bv[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bw[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.by[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bz[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bzh[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cab[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cafe[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cal[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.camera[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.camp[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cancerresearch[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.canon[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.capetown[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.capital[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.caravan[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cards[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.care[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.career[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.careers[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cars[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cartier[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.casa[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cash[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.casino[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cat[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.catering[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cba[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cbn[^.a-zA-Z0-9_]")
#### or ("$h_from:" matches "[email protected]+\\\\.cc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cd[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ceb[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.center[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ceo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cern[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cf[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cfa[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cfd[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cg[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ch[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.chanel[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.channel[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.chat[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cheap[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.chloe[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.christmas[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.chrome[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.church[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ci[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cisco[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.citic[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.city[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ck[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cl[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.claims[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cleaning[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.click[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.clinic[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.clothing[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cloud[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.club[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cm[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cn[^.a-zA-Z0-9_]")
#### or ("$h_from:" matches "[email protected]+\\\\.co[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.coach[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.codes[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.coffee[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.college[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cologne[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.commbank[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.community[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.company[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.computer[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.condos[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.construction[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.consulting[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.contractors[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cooking[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cool[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.coop[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.corsica[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.country[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.coupons[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.courses[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cr[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.credit[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.creditcard[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cricket[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.crown[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.crs[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cruises[^.a-zA-Z0-9_]")
#### or ("$h_from:" matches "[email protected]+\\\\.cu[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cuisinella[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cv[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cw[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cx[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cy[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cymru[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cyou[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cz[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.dabur[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.dad[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.dance[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.date[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.dating[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.datsun[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.day[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.dclk[^.a-zA-Z0-9_]")
#### or ("$h_from:" matches "[email protected]+\\\\.de[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.deals[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.degree[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.delivery[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.delta[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.democrat[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.dental[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.dentist[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.desi[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.design[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.dev[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.diamonds[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.diet[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.digital[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.direct[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.directory[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.discount[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.dj[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.dk[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.dm[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.dnp[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.do[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.docs[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.dog[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.doha[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.domains[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.doosan[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.download[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.drive[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.durban[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.dvag[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.dz[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.earth[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.eat[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ec[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.education[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ee[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.eg[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.eh[^.a-zA-Z0-9_]")
#### or ("$h_from:" matches "[email protected]+\\\\.email[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.emerck[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.energy[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.engineer[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.engineering[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.enterprises[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.epson[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.equipment[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.er[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.erni[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.es[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.esq[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.estate[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.et[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.eu[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.eurovision[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.eus[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.events[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.everbank[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.exchange[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.expert[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.exposed[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.express[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fage[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fail[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.faith[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.family[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fan[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fans[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.farm[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fashion[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.feedback[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fi[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.film[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.finance[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.financial[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.firmdale[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fish[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fishing[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fit[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fitness[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fj[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fk[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.flights[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.florist[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.flowers[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.flsmidth[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fly[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fm[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.foo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.football[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.forex[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.forsale[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.forum[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.foundation[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fr[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.frl[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.frogans[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fund[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.furniture[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.futbol[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.fyi[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ga[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gal[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gallery[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.game[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.garden[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gb[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gbiz[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gd[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gdn[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ge[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gea[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gent[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.genting[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gf[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gg[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ggee[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gh[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gi[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gift[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gifts[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gives[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.giving[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gl[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.glass[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gle[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.global[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.globo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gm[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gmail[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gmo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gmx[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gn[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gold[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.goldpoint[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.golf[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.goo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.goog[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.google[^.a-zA-Z0-9_]")
#### or ("$h_from:" matches "[email protected]+\\\\.gop[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gp[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gq[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gr[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.graphics[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gratis[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.green[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gripe[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.group[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gs[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gt[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gu[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.guge[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.guide[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.guitars[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.guru[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gw[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gy[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hamburg[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hangout[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.haus[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.healthcare[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.help[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.here[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hermes[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hiphop[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hitachi[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hiv[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hk[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hm[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hn[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hockey[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.holdings[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.holiday[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.homedepot[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.homes[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.honda[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.horse[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.host[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hosting[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hoteles[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hotmail[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.house[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.how[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hr[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hsbc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ht[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.hu[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ibm[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.icbc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ice[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.icu[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.id[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ie[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ifm[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.iinet[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.il[^.a-zA-Z0-9_]")
##### or ("$h_from:" matches "[email protected]+\\\\.im[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.immo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.immobilien[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.in[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.in.net[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.industries[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.infiniti[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ing[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ink[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.institute[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.insure[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.int[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.international[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.investments[^.a-zA-Z0-9_]")
##### or ("$h_from:" matches "[email protected]+\\\\.io[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ipiranga[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.iq[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ir[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.irish[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ist[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.istanbul[^.a-zA-Z0-9_]")
#### or ("$h_from:" matches "[email protected]+\\\\.it[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.itau[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.iwc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.java[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.jcb[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.je[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.jetzt[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.jewelry[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.jlc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.jll[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.jm[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.jo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.jobs[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.joburg[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.jprs[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.juegos[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.kaufen[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.kddi[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ke[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.kg[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.kh[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ki[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.kim[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.kitchen[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.kiwi[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.km[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.kn[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.koeln[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.komatsu[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.kp[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.kr[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.krd[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.kred[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.kw[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ky[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.kyoto[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.kz[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.la[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lacaixa[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lancaster[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.land[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lasalle[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lat[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.latrobe[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.law[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lb[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lds[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lease[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.leclerc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.legal[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lexus[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lgbt[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.li[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.liaison[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lidl[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.life[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lighting[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.limited[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.limo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.link[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.live[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lixil[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lk[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.loan[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.loans[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lol[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.london[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lotte[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lotto[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.love[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lr[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ls[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lt[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ltda[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lu[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lupin[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.luxe[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.luxury[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.lv[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ly[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ma[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.madrid[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.maif[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.maison[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.man[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.management[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mango[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.market[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.marketing[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.markets[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.marriott[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mba[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.md[^.a-zA-Z0-9_]")
#### or ("$h_from:" matches "[email protected]+\\\\.me[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.media[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.meet[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.melbourne[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.meme[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.memorial[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.men[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.menu[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mf[^.a-zA-Z0-9_]")
#### or ("$h_from:" matches "[email protected]+\\\\.mg[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mh[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.miami[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.microsoft[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mini[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mk[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ml[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mm[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mma[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mn[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mobi[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.moda[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.moe[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mom[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.monash[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.money[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.montblanc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mormon[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mortgage[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.moscow[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.motorcycles[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mov[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.movie[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.movistar[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mp[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mq[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mr[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ms[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mt[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mtn[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mtpc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mu[^.a-zA-Z0-9_]")
####or ("$h_from:" matches "[email protected]+\\\\.museum[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mv[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mw[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mx[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.my[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.mz[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.na[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nadex[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nagoya[^.a-zA-Z0-9_]")
####or ("$h_from:" matches "[email protected]+\\\\.name[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.navy[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ne[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nec[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.netbank[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.network[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.neustar[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.new[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.news[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nexus[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nf[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ng[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ngo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nhk[^.a-zA-Z0-9_]")
#####or ("$h_from:" matches "[email protected]+\\\\.ni[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nico[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ninja[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nissan[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nl[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.no[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nokia[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.np[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nr[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nra[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nrw[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ntt[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nu[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nyc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.nz[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.office[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.okinawa[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.om[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.omega[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.one[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ong[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.onl[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.online[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ooo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.oracle[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.orange[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.organic[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.osaka[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.otsuka[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ovh[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pa[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.page[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.panerai[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.paris[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.partners[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.parts[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.party[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pe[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pet[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pf[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pg[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ph[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pharmacy[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.philips[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.photo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.photography[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.photos[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.physio[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.piaget[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pics[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pictet[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pictures[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pink[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pizza[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pk[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pl[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.place[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.play[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.plumbing[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.plus[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pm[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pn[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pohl[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.poker[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.porn[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.post[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pr[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.praxi[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.press[^.a-zA-Z0-9_]")
#####or ("$h_from:" matches "[email protected]+\\\\.pro[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.prod[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.productions[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.prof[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.properties[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.property[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ps[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pt[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pub[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.pw[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.py[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.qa[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.qpon[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.quebec[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.racing[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.re[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.realtor[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.realty[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.recipes[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.red[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.redstone[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.rehab[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.reise[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.reisen[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.reit[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ren[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.rent[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.rentals[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.repair[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.report[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.republican[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.rest[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.restaurant[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.review[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.reviews[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.rich[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ricoh[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.rio[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.rip[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ro[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.rocks[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.rodeo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.rs[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.rsvp[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ru[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ruhr[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.run[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.rw[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ryukyu[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sa[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.saarland[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sakura[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sale[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.samsung[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sandvik[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sandvikcoromant[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sanofi[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sap[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sarl[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.saxo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sb[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sca[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.scb[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.schmidt[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.scholarships[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.school[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.schule[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.schwarz[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.science[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.scor[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.scot[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sd[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.se[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.seat[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.seek[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sener[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.services[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sew[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sex[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sexy[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sg[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sh[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.shiksha[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.shoes[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.show[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.shriram[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.si[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.singles[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.site[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sj[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sk[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ski[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sky[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.skype[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sl[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sm[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sn[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sncf[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.so[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.soccer[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.social[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.software[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sohu[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.solar[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.solutions[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sony[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.soy[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.space[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.spiegel[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.spreadbetting[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sr[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.srl[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ss[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.st[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.starhub[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.statoil[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.stc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.stcgroup[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.studio[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.study[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.style[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.su[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sucks[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.supplies[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.supply[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.support[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.surf[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.surgery[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.suzuki[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sv[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.swatch[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.swiss[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sx[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sy[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sydney[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.systems[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sz[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.taipei[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tatamotors[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tatar[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tattoo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tax[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.taxi[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.td[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.team[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tech[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.technology[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tel[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.telefonica[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.temasek[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tennis[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tf[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tg[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.th[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.thd[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.theater[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tickets[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tienda[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tips[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tires[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tirol[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tj[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tk[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tl[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tm[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tn[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.to[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.today[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tokyo[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tools[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.top[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.toray[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.toshiba[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tours[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.town[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.toyota[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.toys[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tp[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tr[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.trade[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.trading[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.training[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.travel[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.trust[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tt[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tui[^.a-zA-Z0-9_]")
####or ("$h_from:" matches "[email protected]+\\\\.tv[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tw[^.a-zA-Z0-9_]")
or ("$h_received:" matches "[email protected]+\\\\.tw[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.tz[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ua[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ubs[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ug[^.a-zA-Z0-9_]")
##### or ("$h_from:" matches "[email protected]+\\\\.uk[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.um[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.university[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.uno[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.uol[^.a-zA-Z0-9_]")
####or ("$h_from:" matches "[email protected]+\\\\.us[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.uy[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.uz[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.va[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.vacations[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.vc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ve[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.vegas[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ventures[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.versicherung[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.vet[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.vg[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.vi[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.viajes[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.video[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.villas[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.vin[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.vision[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.vista[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.vistaprint[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.viva[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.vlaanderen[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.vn[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.vodka[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.vote[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.voting[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.voto[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.voyage[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.vu[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.wales[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.walter[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.wang[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.watch[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.webcam[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.website[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.wed[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.wedding[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.weir[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.wf[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.whoswho[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.wien[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.wiki[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.williamhill[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.win[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.windows[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.wine[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.wme[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.work[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.works[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.world[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ws[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.wtc[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.wtf[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.xbox[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.xerox[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.xin[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.рус[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.xperia[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.xxx[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.xyz[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.yachts[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.yandex[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ye[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.yodobashi[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.yoga[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.yokohama[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.youtube[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.yt[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.za[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.zip[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.zm[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.zone[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.zuerich[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.zw[^.a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.uyh[^.a-zA-Z0-9_]")
)
then
headers add "SpamRule: EXIM FILTER Block Newfangled Domains (was: $h_subject"
deliver "Newfangled <[email protected]>"
seen finish
endif

 

[StoneyCreeker]

I had to # the line for .coop today. One of my clients got an email from a co-op farming company.
This is why I monitor the filtered emails every day. Blocking all these domains can cause problems if you don't maintain the list.

 

[CharlesGLondon]

Does above rule by StoneyCreeker blocks domains which has all numbers in it such as 1047.com ?

 

[CharlesGLondon]

I've just test above rules and it doesn't block domains with all numbers in it. Can anyone suggest the rule to block domains like 1234.com ?