What you are doing doesn't prohibit special characters, it removes them. And it doesn't require them to be at the start, either!
So if your string is "@45gm.com" then it converts it to 45gmcom
and doesn't tell anyone it's done it. So what gets stored (or otherwise processed) isn;t a valid email either, and gives problems way on down the line, when it's too late to fix it. Worse, it does the same thing with your "correct" string: "45@gf.com" becomes "45gfcom"
What you need is to use it as a regex and check the result:
Match m = Regex.Match(trNo, "^[^a-zA-Z0-9\\s]");
if (m.Success)
{
... report problem to user ...
return;
}