Consider dropping yahoo from the bridgedb email domains
As I understand it, right now bridgedb will respond to email bridge requests from three domains: riseup, gmail, and yahoo.
We chose those three originally since they all seemed to have pretty good sybil protection for account creation.
But I bet yahoo has fallen behind the other two on its account creation protections.
We should explore how much use we're seeing from each of the three domains we allow, just to get a handle on the current situation. But even if we see a lot of use, that doesn't mean it's used by a lot of users, since high activity could also indicate high use by an enumerating attacker.
But we might also see little use from yahoo, in which case this is an easier call.
And then we should consider disabling the yahoo part.
(We might also want to add a few more domains -- and for that we should first look at what countries (a) need non-default bridges, and (b) censor the bridges.torproject.org website. And then open separate tickets.)