email-fake.com

[blaaat]

Uses subdomains. Idea to release a list in regex format as well?
Are there other services which do this? (should we check on main domain for complete list?)

[emh-rowland-oconnor]

DEA providers are getting sneaky on sub-domains. (I know the main "sub-domain" culprit (email-fake.com) who you are referring to BTW and my company has full coverage on every subdomain @ email-fake.com).

One approach to combating is regex as you say. The downside with this approach as far as this list is concerned is that many providers / consumers of this list will not have the technical know-how to write (contribute) or parse (consume) the items in this list.

How about another possible way forward - Domain parsing?
If you parse {subdomain}.{domain}.{tld} from your suspected DEA domain, you can compare {domain}.{tld} with this DEA list.

There are a number of Domain Parser implementations (I have one here if you're using .NET).

If you don't want to go the full route of domain parsing, it would also be possible to write a specific email-fake.com rule using string.contains (or similar).

Hope this helps.

[blaaat]

How about subdomains that are currently on the list (for ex: h.mintemail.com)?
(this subdomain has no A or MX record btw)

Should *mintemail.com be considered as a fake email provider?

[emh-rowland-oconnor]

Hi.

mintemail.com is on this list.

MX records are on root domain.

Approach of domain splitting above will work.

Hope this helps.