Open Redirect: pmifunds.com

Sublime Rules

Summary
This rule identifies messages that abuse an open redirect on the pmifunds.com domain. Open redirects lend themselves to phishing because the victim sees a link on a legitimate-looking domain that then forwards them to an attacker-controlled site. The rule evaluates inbound messages for links that redirect through 'trk.pmifunds.com' and inspects the parameters of those links. Specifically, it examines the structure of the href_url for query parameters that initiate a redirection and confirms that the link does not ultimately lead back to pmifunds.com itself. The rule excludes messages that originate from pmifunds.com and applies solicitation checks to filter out legitimate communications. The sender's domain is also compared against a high-trust sender list, and messages from such domains are flagged when they fail DMARC authentication. By combining sender and URL analysis, the rule aims to surface messages that may facilitate credential phishing or malware distribution.
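The following Python is an added illustration of the URL and sender logic described above; it is not the rule's own MQL, and it assumes the redirect target is carried as an absolute URL in any query parameter value (the page does not name the parameter). Sample links are constructed for the example.

```python
from urllib.parse import urlparse, parse_qs

TRACKER_HOST = "trk.pmifunds.com"   # redirector named by the rule
LEGIT_ROOT = "pmifunds.com"         # destinations here are not flagged

def _host_in_domain(host, root):
    """True when host equals root or is a subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == root or host.endswith("." + root)

def is_external_redirect(href_url):
    """True when href_url passes through trk.pmifunds.com and a query
    parameter holds an absolute URL whose host is outside pmifunds.com.
    Assumption: any query parameter may carry the redirect target."""
    parsed = urlparse(href_url)
    if parsed.scheme not in ("http", "https"):
        return False
    if not _host_in_domain(parsed.hostname, TRACKER_HOST):
        return False
    # parse_qs percent-decodes values, so an encoded target is still seen
    for values in parse_qs(parsed.query, keep_blank_values=True).values():
        for value in values:
            target = urlparse(value)
            if (target.scheme in ("http", "https") and target.hostname
                    and not _host_in_domain(target.hostname, LEGIT_ROOT)):
                return True
    return False

def should_flag(sender_domain, href_urls, solicited, high_trust, dmarc_pass):
    """Message-level decision mirroring the summary's exclusions:
    drop mail from pmifunds.com, solicited mail, and high-trust senders
    that pass DMARC; otherwise flag if any link is an external redirect."""
    if _host_in_domain(sender_domain, LEGIT_ROOT) or solicited:
        return False
    if high_trust and dmarc_pass:
        return False
    return any(is_external_redirect(u) for u in href_urls)

# Constructed sample links (not taken from any real message)
SAMPLE_LINKS = [
    "https://trk.pmifunds.com/click?u=https://evil.example/login",
    "https://trk.pmifunds.com/r?url=https%3A%2F%2Fevil.example%2Fx",
    "https://trk.pmifunds.com/click?u=https://www.pmifunds.com/report",
    "https://trk.pmifunds.com/click?id=123",
    "https://other.example/?u=https://evil.example/login",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(is_external_redirect(link), link)
```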
Categories
  • Web
  • Endpoint
  • Cloud
Data Sources
  • User Account
  • Network Traffic
  • Web Credential
Created: 2024-09-11