This is a list of domains with end user account creation control (aka. "webmail domains")
What are they?
Different types of email domains exhibit different behaviors based on how user account creation is controlled for those domains. Most domains that we observe in email have strict control over the creation of accounts and usage policies for those accounts. Examples are corporate email domains, domains used to send marketing, or domains used to send transactional messages.
But there are many domains where the end user has much more control over account creation and how they use the email addresses with those accounts. Sometimes accounts can be created for free like with free webmail domains like Gmail, Yahoo!, etc. Sometimes the end user gets a certain number of emails to use with a given service, like a cable ISP.
Over the years we have built up a list of such domains. Currently the list consists of over 4000 domains, most of which are small, not well known, and not associated with regular email traffic.
Why do we keep a list?
It is clear in email traffic that domains that do not strictly control end user account creation and usage exhibit wildly variable behavior. Not that many of these services do not attempt to keep abuse off of their domains, they all have acceptable use policies and monitor outbound mail, but it is not possible to control behavior of end user accounts in this type of environment. Keeping this list is another data set to use as a feature in our models for determining trust of messages sent to your organization. It does not mean we automatically call any given message good or bad based on the domain being on this list.
Why are we sharing this list?
We are sharing this list because we are commonly asked for insights into or data and scoring. This is one of many inputs into how we make such decisions. Perhaps this list could be useful to you in your understanding of APD or you may want to make use of the list for yourself in your own threat intel platform.