What is this?
A map of municipalities in Denmark, Finland, Norway, Sweden, Iceland and the Faroe Islands showing which provider handles their official email — grouped by legal jurisdiction — based on public DNS records and other public network signals. Also covers the largest publicly traded companies from each country (OMXC20, OMXS30, OBX, OMXH25). Click any municipality or company to see the evidence and a Why this label? explanation with a confidence score.
Context
US Cloud providers (Microsoft 365, Google Workspace, AWS) are subject to the US CLOUD Act, which allows US authorities to request stored data regardless of where it is physically hosted — even when GDPR applies. EU Provider and Self-hosted keep data under European jurisdiction. DNS records indicate mail routing and authorised senders, not necessarily where data is stored.
How does it work?
Each municipality's official domain is checked via DNS records (MX, SPF, CNAME, DKIM, autodiscover, TXT), SMTP banners, ASN lookups, and a public Microsoft API endpoint, then classified by provider type with confidence scoring. Local email security gateways (FortiMail, Barracuda, etc.) are detected and looked through to find the actual backend provider. Data is refreshed nightly via GitHub Actions.
Open source & open data
Code and data on GitHub. Built on livenson/mxmap, originally by David Huser for Swiss municipalities. This fork narrows the focus to the Nordic region, adds stock index company classification, sovereignty-framed legend, weekly automated pipeline, and a redesigned frontend. Map powered by Leaflet, an open-source project by Volodymyr Agafonkin 🇺🇦. Use ⊙ Colorblind mode in the legend for a deuteranopia-safe palette.