How Domain Registrars Can Deal With Yahoo Email Recycling

Andrew Allemann discussed the potential problem domain registrars face if / when Yahoo begins to recycle email addresses that haven’t been used in over a year.

The problem is not just limited to domain registrars, who will be forced to deal with the aftermath of angry customers that had domain names stolen.

The real problem will be had by domain investors and others who may unknowingly end up purchasing stolen domain names in the aftermarket. They may then have to deal with litigation when the legitimate domain owner finds out. Further, domain aftermarkets, domain brokers, domain auction platforms, and domain brokerages will also be burdened with associated problems if domain names that were stolen are sold on their platform. Aside from email address verification, I don’t believe most aftermarket websites are equipped to verify domain name ownership in any other way.

Frankly, this problem isn’t the fault of domain registrars, since it’s the responsibility of domain owners to keep their Whois information accurate, and that means they need to keep their email accounts secure. However, domain registrars can probably help prevent this from becoming a more widespread issue, and I want to make a recommendation on how they can take steps to prevent stolen domain names via recycled Yahoo email addresses.

  • Send an email to domain registrants with email addresses if the domain name is over a year old. Require domain registrants to acknowledge the message somehow.
  • Put a notice at the top of the domain registrant’s account management or control panel page letting them know about the Yahoo email recycling issue.
  • If the Whois email bounces or if they owner doesn’t reply / acknowledge the email, put a lock on their account that requires them to enter the last 6 digits of the credit card number on file in order to log in.
  • Keep a record of the IP address of people logging in, and if a person tries to log in to 3 separate accounts from the same IP address, block them from logging in to any account until they contact the company.

Although domain registrars are not really at fault if this becomes an issue, they will bear the brunt of customer complaints. They are also best equipped to deal with the situation.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn


  1. These are great suggestions. Hopefully all the online banks, paypal, and everyone is listening too. Hopefully this post will get lots of Trackbacks.

  2. I missed the deadline. They told me that it will be deleted. It is not deleted yet, but still they will not allow me to access my data. They told me to open a new account. I don’t need the account, I need my emails…

Leave a Reply

Recent Posts Announces 2023 Master of Domains

During the NamesCon conference today, announced its Master of Domains winners. The annual award celebrates "the highest grossing domain name brokers for deals...

How to Buy a Domain Name That is Owned by Someone

For a domain investor, buying a domain name is second nature. Investors hand register domain names, purchase domain names via expiry and private auctions,...

My 2023 Domain Industry PMC Jersey

For a number of years, I have created a domain industry Pan-Mass Challenge jersey to raise funds for Dana-Farber Cancer Institute. Many domain industry... Profitably Resold for 8 Figures

In March of this year, I reported on the sale of The domain name was acquired by HubSpot Co-Founder Dharmesh Shah for more...

First Look at my 2023 Domain Industry PMC Jersey

This August, I will be riding in my 10th Pan-Mass Challenge ride to raise funds for Dana-Farber Cancer Institute. I will be riding...