additionally with the proposal "put together a list of known corporate MDM server URLs in a public repository" I think the idea could be to only block users with an MDM server from that list. of course that would have to be quite a large list and maintaining it fairly could be a challenge