Not so much a NECRO here as perhaps more of a ZOMBIE ... Thread is not that old, but not new either, meh...
I set up a lot of "Filter Rules" to compensate for what VM Has left out.
I like the site haveibeenpwned https://haveibeenpwned.com/ , it does a search through their list to see if your email (and details) have been exposed. Do bear in mind that unless your getting TARGETED email - As in - it has your real details about you, then generally most can be ignored.
The filters are not great, as others said. In fact some things inside specific HTML wrappers avoid the filters on inbound emails but - it has to be funny becuase it's true - you get blocked if you try to forward it to a spambuster group/email because it will flag as spam.
I find that in my filters (For wifes email, because she must be on every target list in Russia, China, India, and America) you should use no more than 25-30 conditions per rule. If you have more conditions than that then set up more rules.
I also use some filter rules in my email client (IMAP client, so as long as she unless she see's it instantly then my client cleans it up - something you could consider).
Most of the rules work OKAY, some just don't work at all. The REGEX rules are hit and miss (escape sequences I guess).
----
I do not work for VM, but I would. It is just a Job.
Most things I say I make up and sometimes it's useful, don't be mean if it's wrong.
I would also make websites for them, because the job never seems to require the website to work.
