In #45 we discussed whether we should only gather domains in xxx.yy form or whether to also accept third (and deeper) levels such as zzz.xxx.yyy

This might need some research as there are cases that are clearly exempt (.co.uk) and some appear unclear. Also if we remove zzz.xxx.yyy should we always keep xxx.yyy as this will vastly broaden the list impact? Is the assumption that when spammer controls xxx.yyy they also control zzz.xxx.yyy reasonable?

I think this only makes sense in cases where the "TLD" is xxx.yyy instead of yyy. Otherwise, if a spammer controls the second level domain, they control everything underneath. The exception would be service providers (e.g. dyndns, but no legitimate mail should come from there, I just use it as an example).