emails: hardcode nondisposable email list.

Hardcode the list of nondisposable email providers instead of making it
a config option. Also add a few new providers.

This was previously a config option to keep it secret, but there's not
much need for secrecy here.

A Restricted user's email must be on this list to unrestrict their
account. If a user is Restricted and their email is not in this list,
then it's assumed to be disposable and can't be used to unrestrict their
account even if they verify their email address.

app/logical/email_validator.rb

@@ -134,6 +134,78 @@ module EmailValidator
     "hanmail.net" => "daum.net",
   }
 
+  # A list of domains known not to be disposable. A user's email must be on
+  # this list to unrestrict their account. If a user is Restricted and their
+  # email is not in this list, then it's assumed to be disposable and can't be
+  # used to unrestrict their account even if they verify their email address.
+  #
+  # https://www.mailboxvalidator.com/domain
+  NONDISPOSABLE_DOMAINS = %w[
+    gmail.com
+    outlook.com
+    yahoo.com
+    aol.com
+    comcast.net
+    att.net
+    bellsouth.net
+    cox.net
+    sbcglobal.net
+    verizon.net
+    icloud.com
+    rocketmail.com
+    windowslive.com
+    qq.com
+    vip.qq.com
+    sina.com
+    naver.com
+    163.com
+    daum.net
+    mail.goo.ne.jp
+    nate.com
+    mail.com
+    protonmail.com
+    gmx.net
+    web.de
+    freenet.de
+    o2.pl
+    op.pl
+    wp.pl
+    interia.pl
+    mail.ru
+    yandex.ru
+    rambler.ru
+    abv.bg
+    seznam.cz
+    libero.it
+    laposte.net
+    free.fr
+    orange.fr
+    citromail.hu
+    ukr.net
+    t-online.de
+    inbox.lv
+    luukku.com
+    lycos.com
+    tlen.pl
+    infoseek.jp
+    excite.co.jp
+    mac.com
+    wanadoo.fr
+    ezweb.ne.jp
+    arcor.de
+    docomo.ne.jp
+    earthlink.net
+    charter.net
+    hushmail.com
+    inbox.com
+    juno.com
+    shaw.ca
+    walla.com
+    tutanota.com
+    foxmail.com
+    vivaldi.net
+  ]
+
   # Returns true if it's okay to connect to port 25. Disabled outside of
   # production because many home ISPs blackhole port 25.
   def smtp_enabled?
@@ -168,10 +240,8 @@ module EmailValidator
   # @param [String] the email address
   # @return [Boolean]
   def is_restricted?(address)
-    return false if Danbooru.config.email_domain_verification_list.blank?
-
     domain = Mail::Address.new(address).domain
-    !domain.in?(Danbooru.config.email_domain_verification_list.to_a)
+    !domain.in?(NONDISPOSABLE_DOMAINS)
   rescue Mail::Field::IncompleteParseError
     true
   end

app/models/email_address.rb

@@ -32,7 +32,7 @@ class EmailAddress < ApplicationRecord
   end
 
   def self.restricted(restricted = true)
-    domains = Danbooru.config.email_domain_verification_list
+    domains = EmailValidator::NONDISPOSABLE_DOMAINS
     domain_regex = domains.map { |domain| Regexp.escape(domain) }.join("|")
 
     if restricted.to_s.truthy?

config/danbooru_default_config.rb

@@ -551,19 +551,6 @@ module Danbooru
       nil
     end
 
-    # The whitelist of email domains allowed for account verification purposes.
-    # If a user signs up from a proxy, they must verify their account using an
-    # email address from one of the domains on this list before they can do
-    # anything on the site. This is meant to prevent users from using
-    # disposable emails to create sockpuppet accounts.
-    #
-    # If this list is empty or nil, then there are no restrictions on which
-    # email domains can be used to verify accounts.
-    def email_domain_verification_list
-      # ["gmail.com", "outlook.com", "yahoo.com"]
-      []
-    end
-
     # Cloudflare API token. Used to purge URLs from Cloudflare's cache when a
     # post is replaced. The token must have 'zone.cache_purge' permissions.
     # https://support.cloudflare.com/hc/en-us/articles/200167836-Managing-API-Tokens-and-Keys

test/functional/emails_controller_test.rb

@@ -166,7 +166,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
       context "for a Restricted user" do
         context "with a nondisposable email address" do
           should "unrestrict the user's account" do
-            Danbooru.config.stubs(:email_domain_verification_list).returns(["gmail.com"])
             @restricted_user.email_address.update!(address: "test@gmail.com")
 
             get email_verification_url(@restricted_user)
@@ -180,7 +179,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
 
         context "with a disposable email address" do
           should "leave the user's account restricted" do
-            Danbooru.config.stubs(:email_domain_verification_list).returns(["gmail.com"])
             @restricted_user.email_address.update!(address: "test@mailinator.com")
 
             get email_verification_url(@restricted_user)
@@ -196,8 +194,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
       context "for a Gold user" do
         should "not change the user's level" do
           @user = create(:gold_user, email_address: build(:email_address, { address: "test@gmail.com", is_verified: false }))
-          Danbooru.config.stubs(:email_domain_verification_list).returns(["gmail.com"])
-
           get email_verification_url(@user)
 
           assert_redirected_to @user