How do I find a list of all email, dropbox and similar providers?

Posted on 2014-12-17
Last Modified: 2014-12-23

    I need to create a blacklist of locations.  Is there a listing of sites like dropbox and email web sites where I need to be concerned about gets and posts?  Can you point me in the right direction?  A flat file would be perfect.
Question by:awakenings
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 3
  • +3
LVL 70

Assisted Solution

Merete earned 111 total points
ID: 40506652
Hi awakenings
I don't understand your question, create a blacklist? From ?
With regards to Dropbox I have an account there and sharing files is determined by the list of people you share with,  you can either share a folder or send a url.
no emails addresses exchanged only a link to your files if you so choose
Dropbox shared folders let you collaborate on a set of files. When someone joins a shared folder, the folder appears inside their Dropbox, and syncs to their computers automatically.
Could you elaborate a bit more about your concerns.

Author Comment

ID: 40506885

    Obviously I cannot go into details.  All I am looking for is a list of web sites that have email or dropbox-like functionality.  I need this for a project that I am working on.  I know there are probably tens of thousands of corporate email servers and I cannot block them all, but if I can block a good chunk of the "public" email and upload services such as dropbox, aol, gmail, google, yahoo, etc. it would be a good start.  I'd like to find a list on the web rather than compiling a list myself.

LVL 82

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 56 total points
ID: 40506906
If you are interested in keeping company confidential documents confidential use Active Directory Rights Management Services
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users


Author Comment

ID: 40506956

    Thanks, but I am looking for that list still.

LVL 57

Accepted Solution

giltjr earned 56 total points
ID: 40507187
There is no single list like what you are looking for.

Since you can't go into details I would assume that you are trying to create/provide a service that you feel does not exist.  If you think about it, if such a list existed, that would imply somebody was already providing that service.  Of course I could be way off base as to why you want this list.

You might be able to piece together one from various other lists.   Example you could look at these:

And then look up all the IP addresses for all the companies listed and create your own.
LVL 64

Assisted Solution

btan earned 222 total points
ID: 40507229
in fact if it falls into the malwaredomainlist regards email or file hosting site, I will consider them fro blacklisting
likwise from urlblacklist for various disallowed categories includes webmail, filehosting, ecommerce, mail, proxy, onlinegames etc
LVL 70

Assisted Solution

Merete earned 111 total points
ID: 40508755
You can't go into details?
In my humble opinion there is no such thing as one black list.  
Also it may not have public access.
Every few secs of everyday a new threat is created that is why we have definition updates for our security.
It depends on the threat and threat level.
Google would have to have the largest source for blacklists 
Symantec is also another place
Fake email threats
Sharing sites.
The all in one sites like Facebook / twitter.
For your information..
Understanding XSS – input sanitisation semantics and output encoding contexts
white paper PDF
The Ongoing Malware Threat: How Malware Infects Websites and Harms Businesses —
and What You Can Do to Stop It
White paper pdf
Blacklists & Dynamic Reputation -Understanding Why the Evolving Threat Eludes Blacklists

Rather than chance it with security  always stop security risks at the core, keep your av up to date, windows up to date and have installed the best defences.
restricted users access to the internet.
Whichever browser say for example  IE you set the security to max high
With my emails using windows live I have set my security to high and unless the email owner is in my safe list they immediately go to Junk mail and then I sift them with safe or delete.
Education is a start but never enough.
You get an email from your sister or brother, your best friend using the same email address and they want to borrow some cash for Christmas what do you do. Use rule of thumb don't give money over the net.
Check the sources.
LVL 64

Assisted Solution

btan earned 222 total points
ID: 40509001
blacklist is reactive and whitelist is prohibitive,and most network or host security technology will have some sort of service to get real time intelligence feeds and together with reputational metric can identify the undesired site. you may want to explore that rather than the manual importing where possible. Time is of essence to block threat and reduce windows of exposure. Likely the manual means can be automated unless the environment is constraint due to isolated segment and not internet reachable. You can check out some intelligence provider such as Norse, and PhishLab

Author Comment

ID: 40509050
giltjr and btan,

    These are a great start.  The project I am working on is a little off as I am not looking for malware sites.  giltjr, your was a little closer.  I did check the Wikipedia, which is great, but I am looking for something more substantial in terms of listing email sites.


Author Comment

ID: 40509160
Merete / btan,

    I did not see your additions.  These are great, but I am still looking.

LVL 64

Assisted Solution

btan earned 222 total points
ID: 40509169
the urlblacklist may be worth checking out
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 55 total points
ID: 40510423
You want to use a Proxy server, probably something like BlueCoat, Sophos, McAfee or WebSense. They can effectively block the users from going to GoogleDrive (aka GDrive), SkyDrive(aka OneDrive), Office365, GoogleDocs, ADrive, DropBox, YouSendIt, PasteBin, GitHub, etc... however you do have to force the users to use it, by blocking port 80/443 etc at the firewall, and or perhaps using WCCP to recognize http traffic and force it through the proxy.
But what if the user is clever. You block all possible sites in the sharing category... what if they save an attachment to their gmail, hotmail, hushmail,, comcast, yahoo... They might not be able to share a file with a direct link, but they can send a 25Mb attachment with most of the free email providers... Or make a fake email address, and upload an attachment that is bigger, and then share the U/P with the person who wants the file, they can then login to that account and just DL the attachment.
The best way to begin this battle, is to inform the users that ONE: File sharing, like GDrive, GoogleDocs, Office365, OneDrive, etc... is against company policy. (You should draft such a policy btw). TWO: Anyone using one should stop doing so, and report the files to IT so that they can assist in the proper removal of those files. THREE: After all the files are removed, if someone uses those sites without permission or consent, they may have receive disciplinary action.
You have to grant amnesty first, because you know someone in the network is doing it. Then you have to help them remove the files, do not tell them to do it themselves, make it clear no one gets in trouble when coming forward, they may however get in trouble if they hide their actions or try to remove the files themselves.
FOUR: Implement the proxy solution. Proxy vendors have extensive lists, and do very well at blocking based on those, but you too have to make sure they don't try to FTP it to their local go-daddy server, everything should go through the proxy if you need absolute control over the data.
DRM and rights-managment don't work, otherwise we'd all use it. Security and convenience are at odds with one another most times, and DRM/RM software certainly takes the convenience out of the picture.
LVL 64

Assisted Solution

btan earned 222 total points
ID: 40510460
endpoint may use auto-proxy config or pac to govern the traffic through single pot and if user can bypass that the policy should kick in, the first place is that user has no admin right. if that is not enforceable, blacklist or proxy or any other security will be bypass (you can have logging enabled but it is after effect detection). Here is another on netcraft on its Phishing Site Feed

Author Comment

ID: 40512965

   I'll just give you all points.  I'll open up another ticket with my original question, but remove the blacklist context.  I know controls like the back of my hand.  I know technology well.  I completely understand the gaps and I'm not looking for an academic explanation.  Thank you all for your input.  Some of this was helpful.  Thank you.
LVL 70

Expert Comment

ID: 40515824
Awe thanks awakening you did well splitting them lol doesn't matter with points for me but I do hope you got some good insights to write your list
Merry Christmas to you and yours :)

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
A look at what happened in the Verizon cloud breach.
Sending a Secure fax is easy with eFax Corporate ( First, just open a new email message. In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses
Course of the Month8 days, 15 hours left to enroll

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question