
Attachment: Calendar invite with suspicious link leading to an open redirect
Sublime Rules
Summary
This rule detects suspicious calendar invites whose links lead through open redirects to potentially harmful websites. These links usually point to free file hosts or free subdomain hosts, both commonly used by attackers for phishing. The rule first identifies incoming attachments of type `.ics` or otherwise calendar-related. Next, it checks whether the URLs inside these attachments belong to known free hosts, and flags any suspicious redirects to such hosts. It also takes the sender's reputation into account, specifically whether the sending domain is a trusted source that has not failed DMARC authentication. The aim is to reduce false positives from trustworthy senders while flagging unsolicited invitations that may carry phishing links.
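As an added illustration of the checks the summary describes (this is not the Sublime rule's own logic and is not taken from the rule page), the Python below walks a constructed `.ics` attachment: it unfolds RFC 5545 line continuations, extracts the URLs, flags links whose host is on an assumed free-host list or whose redirect query parameter carries such a link, and suppresses the verdict when the sender domain is trusted and has not failed DMARC. The host names, the free-host list, the redirect parameter names and the sample invite are all constructed for the example.

```python
import re
from typing import Optional
from urllib.parse import urlparse, parse_qs

# Constructed sample .ics attachment (not from the rule page). Every host is a
# placeholder under the reserved .invalid TLD. The DESCRIPTION line is folded
# in the middle of a URL, as RFC 5545 permits, to show why unfolding matters.
SAMPLE_ICS = (
    "BEGIN:VCALENDAR\r\n"
    "VERSION:2.0\r\n"
    "BEGIN:VEVENT\r\n"
    "UID:constructed-001@example.invalid\r\n"
    "DTSTART:20240326T150000Z\r\n"
    "SUMMARY:Quarterly review\r\n"
    "DESCRIPTION:Slides: https://go.redirector-example.invalid/r?url=https://\r\n"
    " pages.freesub-example.invalid/review.html\r\n"
    "ATTACH:https://cdn.freehost-example.invalid/agenda.pdf\r\n"
    "END:VEVENT\r\n"
    "END:VCALENDAR\r\n"
)

# Assumed list of free file / free subdomain hosts; a real deployment would
# maintain this from threat intelligence rather than hard-code it.
FREE_HOSTS = {"freehost-example.invalid", "freesub-example.invalid"}

# Assumed set of query parameter names commonly used to carry a redirect target.
REDIRECT_PARAMS = {"url", "u", "redirect", "redir", "next", "target", "goto", "r"}

URL_RE = re.compile(r"https?://[^\s<>\"']+")


def unfold_ics(text: str) -> str:
    """Undo RFC 5545 line folding: a line break followed by a space or tab
    continues the previous content line."""
    return re.sub(r"\r?\n[ \t]", "", text)


def extract_urls(ics_text: str) -> list:
    """Return every http(s) URL in the attachment after unfolding."""
    return URL_RE.findall(unfold_ics(ics_text))


def host_of(url: str) -> str:
    return (urlparse(url).hostname or "").lower()


def is_free_host(host: str, free_hosts=FREE_HOSTS) -> bool:
    """True if the host is a listed free host or any subdomain of one."""
    return any(host == fh or host.endswith("." + fh) for fh in free_hosts)


def redirect_target(url: str) -> Optional[str]:
    """Return the embedded destination when a known redirect parameter
    carries an absolute URL; None otherwise (relative paths are ignored)."""
    qs = parse_qs(urlparse(url).query)
    for name in REDIRECT_PARAMS:
        for value in qs.get(name, []):
            if value.lower().startswith(("http://", "https://")):
                return value
    return None


def evaluate_invite(ics_text: str, sender_domain: str, dmarc_failed: bool,
                    trusted_domains, free_hosts=FREE_HOSTS) -> dict:
    """Apply the checks the rule summary describes and return the verdict.

    findings is a list of (kind, url, redirect_target_or_None).
    """
    findings = []
    for url in extract_urls(ics_text):
        if is_free_host(host_of(url), free_hosts):
            findings.append(("free_host_link", url, None))
        target = redirect_target(url)
        if target is not None and is_free_host(host_of(target), free_hosts):
            findings.append(("redirect_to_free_host", url, target))
    # A trusted sender only earns suppression if DMARC did not fail.
    trusted_sender = sender_domain.lower() in trusted_domains and not dmarc_failed
    return {
        "suspicious": bool(findings) and not trusted_sender,
        "trusted_sender": trusted_sender,
        "findings": findings,
    }


if __name__ == "__main__":
    verdict = evaluate_invite(SAMPLE_ICS, "example.invalid", dmarc_failed=False,
                              trusted_domains={"partner.invalid"})
    for kind, url, target in verdict["findings"]:
        print(f"{kind}: {url}" + (f" -> {target}" if target else ""))
    print("suspicious:", verdict["suspicious"])
```

Note that a naive regex over the raw attachment would see the folded DESCRIPTION URL end at `https://` and miss the free-subdomain host entirely; unfolding first is what makes the check reliable. The DMARC condition is deliberately `not dmarc_failed` rather than `dmarc_passed`, matching the summary's wording, so a trusted domain whose message failed DMARC is still flagged.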
Categories
- Web
- Network
- Endpoint
- Application
Data Sources
- File
- Process
- Network Traffic
- Application Log
Created: 2024-03-26