Found my answer thanks to a local CSE. Unfortunately, I had a typo and missed a trailing "," which killed my code. Here's some documentation from Aruba to help you format your own statements:
Starting in Amigopod v3.3, the isValidEmail validator allows you to specify a list of valid email addresses and a list of invalid ones, ie whitelist/blacklist. The person registering an account must use a valid email in the list or they will be denied access. To enable this feature, edit the "email" field of a form that creates a user. Most likely the form you will want to edit is the Register page of the self-registration page. Under the validator, choose IsValidEmail. The Validator Argument should pre-populate with the following:
array (
'allow' =>
array (
),
'deny' =>
array (
),
)
If the allow array is empty, then it will accept any email not in the deny array. To only allow certain domains, edit the "allow" array and insert each valid domain.
array (
'allow' =>
array (
'goodemail.com',
'alsovalid.edu',
),
'deny' =>
array (
),
)
Similarly, edit the "deny" array to block only certain domains.
array (
'allow' =>
array (
),
'deny' =>
array (
'invalid.org',
),
)
Save the page and test. It is also suggested to give a better error message to the end user if the email they entered is one of the blacklisted domains. This can be done in the same email field under Validation Error. Edit the error message text.
How it works
When using the IsValidEmail validator, the validator argument may be specified with a whitelist/blacklist of domain names. Use the syntax:
array(
'allow' => array(),
'deny' => array(
'gmail.com',
'yahoo.com',
)
)
The keys 'whitelist' and 'blacklist' may also be used for 'allow' and 'deny', respectively.
An 'allow' or 'deny' value that is a string is converted to a single element array.
Wildcard matching may be used on domain names: the prefix '*.' means match any domain that ends with the given suffix. A '*' component can also be used inside the hostname, and will match zero or more domain name components.
If the 'allow' list is empty or unset, the default behavior is to accept ALL domains other than those listed in the 'deny' list.
If the 'deny' list is empty or unset, the default behavior is to deny ALL domains other than those listed in the 'allow' list.
If both 'allow' and 'deny' lists are provided, the default behavior is to accept a domain name that does not match any of the patterns provided. The 'allow' list is checked first, followed by 'deny'. To obtain the opposite behavior, specify the wildcard '*' as the last entry in the 'deny' list.