> But surely there are some more. I realize this is a little off-topic, but i
> couldnt find a better place to ask.
> I need this for a SPAM URI-Blocklist lookup script (SURBL), which has to
> decide whether or not to include the third level domain in the lookup query.

I think you should also include yet another list - of known public
2LD even in TLDs with allowed private/corporate 2LD. At least it's
nesessary for .ua which was such restricted in near past and still
has most domains as 3LD in public zones. We have stable problem with
some such domains (as kiev.ua) which has own MXes of domain
administration. The software which follows algorithm "recurse from
TLD to the malicious origin itself and find first domain with MX or
A" fails to detect correct complaint target with such domain. Some
time ago kiev.ua was listed by rfc-ignorant.org due to bouncing
robot which told to complaint to 3rd level domain contact.