Yahoo locked me out of my email account

8 points by itry ↗ HN
When I created my Yahoo mail account 15 years ago, they forced me to put in an alternative email. Since I had none, I put in something like "dont_have_another@anywhereintheworld.com". Today Yahoo told me that for security reasons I have to confirm my account via the alternative email "don...@...". There was no way to circumvent this. So I clicked "ok". Now Im locked out of it and someone who owns that domain has received a password reset mail for my account. Damn. There is a lot of memories in this account. I feel terrible.

11 comments

[ 2.2 ms ] story [ 30.9 ms ] thread
Something similar happened to me recently. A Yahoo / rocketmail account I had for over 10 years was suddenly closed. The reason was I hadn't used it for awhile (about six months or so).

The thing is I used to pay for the premium version of Yahoo mail, I bought domains from them, I had a paid Flickr account before - and they shut it all down without warning.

Losing that Flickr account hurt the most. Lots of saved images were lost.

Do this from a Linux command line:

  nslookup anywhereintheworld.com
The result will be:

  ** server can't find anywhereintheworld.com: NXDOMAIN
Which means that domain happens to not exist, so no one received a password reset for your account.

You'll have to contact yahoo (however you do that) to get this fixed. Posting here does not count as "contacting yahoo".

Also, take this as a lesson learned. When you let someone else handle your email for you, you live and die at that others whim.

Its not literary "anywhereintheworld.com". Its some domain name I made up when I signed up 15 years ago. Its taken now. It has some custom domain-parking-spam on it. Whois gives something like "lksjdfoiuwerkjsd@somespammerhidingcompany.com" as the contact email.
You can register anywhereintheworld.com, setup a smtp server, confirm your account, change your Yahoo! alternative email, and unregister anywhereintheworld.com .

Other possibility is to stop using Yahoo! email, like I did, when they erased all my old emails twice because I didn’t login for 3 months.

So if you know what the domain name is (obviously, how else would you know it is now taken), then why the obfuscation with "somewhereintheworld.com"? Why not just post the actual, albeit fake, domain?

Note, unless:

  1) an smtp server is actually listening at the domain (have you tested this?);
  2) is configured to receive any address at the domain;
Then your confirmation emails from yahoo are getting refused by the other domain. So there is no guarantee the other domain has, or does not have, your reset emails. In any case, unless you want to try to buy that other domain just to get your own reset emails, you'll need to contact yahoo support, they are the only ones who can help you now.

[edit: formatting]

> Why not just post the actual, albeit fake, domain?

Privacy. The owner of that domain has my real name now. I dont want it linked to my HN account.

> an smtp server is actually listening at the domain

How would you test that?

> is configured to receive any address at the domain

I sent an email from gmail to that domain. I did not get a bounce. So I guess it is.

> > an smtp server is actually listening at the domain

> How would you test that?

telnet domain.com 25

And see if you get an SMTP response from a server. It would look something like this:

220 domain.com ESMTP Postfix

After you connect, if you want to see if your email address is active, you can try this (lines beginning with numbers are the server responses, you type the non-numbered lines):

  helo yahoo.com
  250 domain.com
  mail from: afakename@yahoo.com
  250 2.1.0 Ok
  rcpt to: yourfakeemailname@thefakeyahooname.com
And you'll either get back:

550 5.1.1 <yourfakeemailname@thefakeyahooname.com>: Recipient address rejected:

or

250 2.1.5 Ok

A 550 response means that your fake email address is not setup to receive email. A 250 means that it is accepting email at the rcpt to: address.

Do you mind if I ask where you are from? I have noticed that Yahoo mail is very common in Asia, but I (almost) never see a @yahoo email in the US.

Short term I think contacting yahoo support is the only solution.

Long term I recommend spending the few dollars per year on a vanity domain for your email. My last name is Stockbridge, and all of my personal emails have been going to an @stockbridges.org email address for the last few years. My dad set it up, and it just forwards to whatever you like. I have previously used an account from my school's alumni association, but I have recently moved to an @icloud account, and no one else can tell the difference.

I also know that a lot of people love using the web based email, but I am not a fan, and one of the reasons is offline (or locked account) access to mail. If I lost access to my mail account right now then I could change the forwarding address, and be back in business in a few minutes since all of the old messages are saved by my desktop mail client. Even gmail supports this although it seems I am in a small minority that access gmail via their imap server.

Meanwhile, I do use my own domain for my primary email account. But the Yahoo mail has nostalgic value for me, because I have it for 15 years now.
If you do get back in (yahoo customer service) then I suggest you archive all that nostalgic email out to your own system, so should this happen again, you won't lose all the old email.

Yahoo allows either pop3 or imap (you may have to pay for yahoo premium to get either) at which point you can extract out and archive all the old emails.