Hello
if you want to have one incident each time you analyze an email with one and only one recipien t(what ever domain it is) you may count number of times you find "@" in enveloppe of your email.
Depending on your messaging system, you will have one for sender (this one is sure) but it may be present into several headers, one for messageID and one time per recipient. Best way to know default count for your messing system is to first set a policy countin gnumber of times your found "@" in email enveloppe (you may have some false positive due to some information not always present in email envellope).
As always with policies based on recipient, you may have to decide if you want to count internal recipient or not, and sender himself (as some people add their email address as recipient in cc or bcc)
regards.