Vishnu,
This will NOT work at all.
You are using a complicated REGEX with too many options.. in addition this version of REGEX is not supported by DLP. There are different forms of REGEX (java, Perl, etc) DLP uses a specific one and you will need to test it out bit by bit.
I am not sure the exclusion of To From etc.. supported logic in that section..
Also keep in mind that the Regex and DI used on the endpoints is different as well.. https://www.symantec.com/connect/forums/endpoint-protect-and-data-identifiers
you may just want to look for @ and the .com or .org as the regex and ONLY in the body. Make sure to test this out.
\w+@\w+\.[a-zA-Z]{3}
(?i)[-a-z0-9~!$%^&*_=+}{\'?]+(\.[-a-z0-9~!$%^&*_=+}{\'?]+)*@([a-z0-9_][-a-z0-9_]*(\.[-a-z0-9_]+[a-z][a-z])|([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}))(:[0-9]{1,5})?
Also.. https://www.symantec.com/connect/forums/dlp-di-pattern-questionemail-address
Good Luck,
Ronak
PLEASE MARKED SOLVED WHEN POSSIBLE