Internal Diabolocom

Release notes for Diabolocom internal staff

Subscribe to updates
© 2025 Internal Diabolocom
Oct 10, 2024
Internal
AI Solutions
Feature

Domain blacklist implementation to prevent retail customers from registration

Context

From a legal aspect, Diabolocom operates as B2B Products & Services provider.
This means that AI APIs / AI Solution customer target should be only Businesses and not retail customers.

The AI Solution app.diabolocom.ai used to be accessible by any internet user :

  • Ability to register and have free access to the Solution and AI APIs (trial period of 7 days, with usage limits)
  • Ability to subscribe to any plan handled by Stripe payment Solution (after entering customer details and validating payment information), and take benefit from the AI Solution and AI APIs ➝ Billing is automatically provided by Stripe : Invoices are issued on behalf of Diabolocom for potential retail customers !! ➝ Risk of legal non conformity

In order to :

  • limit the risk of selling products/services to retail customers (cannot be 100% prevented, see limitation below)
  • demonstrate efforts made on product/technical side to ensure legal conformity

It is decided to implement a domain blacklist, meaning a list of email domains that cannot sign up and have access to app.diabolocom.ai
The main idea is to make sure that only professional email addresses are allowed to use the AI app and APIs, that should be linked to Business customers behind.

⚠️ Limitation :

  • Stripe payment Solution doesn't restrict plan subscription (payment session + customer details) to Business customers ➝ Any retail customer can pay for a custom domain (not in the blacklist) and then register in app.diabolocom.ai and then subscribe to a plan autonomously ➝ Efforts can be made to control the customer base on Stripe and to perform relevant actions (do a monthly review of customers in Stripe Administration)

Domain Blacklist

The domain blacklist was inspired by Hubspot B2B Solution blacklist, that is implemented to block feature access and published on Hubspot Knowledge website.
Source : https://knowledge.hubspot.com/forms/what-domains-are-blocked-when-using-the-forms-email-domains-to-block-feature
The blacklist contains 4773 domains.

Implemented Feature

A user, that has an email address in the domain blacklist, is prevented from registration to app.diabolocom.ai and receives an error.
Also, an existing user cannot update the email address to a new email, if the new provided email is in the domain blacklist : an error is raised.

Check the Clickup internal documentation

Sign up page - Case of user registration with an email address in the blacklist
back