Plesk users can maliciously set up domains with names that are identical to the domain names of popular online stores and other resources. For example, they can use names such as gmail.com or paypal.com. Then, these users can receive email messages sent by your customers to these domains because the mail server ensures local delivery.
Plesk offers a pre-filled list of names of popular domains that are already registered and belong to existing companies. If you turn on checking for prohibited domain names, users will be unable to create domains with the names from this list.
You can configure protection at Tools & Settings > Prohibited Domain Names: