Email Client for Yahoo Email Issue

[jaugu...@verizon.net]

Hi,
I recently opened a Yahoo email account. I made a record of the email
address, password, etc. for safe keeping. Also, I wrote down the settings (eg
SSL, port 995, etc) I need to enter in an email client such as "Thunderbird".
Note: I use "Agent" 7.2 for email.

I have no problems sending or receiving emails via Yahoo email at
Yahoo's web site. However, when I try to use "Agent" email client
to download my email or send an email, I get a "Rejected your username
and password (5.7.1 authentication failed)".

Note: I installed Agent in one of my WinXP laptops to be used ONLY for
Yahoo email. For "username", I entered my Yahoo email address.
My other PC with Agent setup for my Verizon email, I used my verizon
email address for "username".

FYI: I have been using Agent 7.2 for about 5 years for my Verizon
email.

Does anyone know why I can not use Agent for my Yahoo email?

Thank You in advance, John

[J. P. Gilliver (John)]

In message <7u6fed5dmsiajifg7...@4ax.com>,

At a guess, Yahoo require some form of encryption, which either is
turned off in Agent or Agent can't do, whereas Yahoo allow your password
to be sent in clear text. Several of the providers are moving in that
direction. I believe gmail does expect it by default, though you can (so
far) turn it off in the webmail interface somewhere.
>
>
>
>
5
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

I love the way Microsoft follows standards. In much the same manner that fish
follow migrating caribou. - Paul Tomblin, cited by "The Real Bev", 2017-2-18.

[jaugu...@verizon.net]

<SNIP>

>> Note: I installed Agent in one of my WinXP laptops to be used ONLY for
>>Yahoo email. For "username", I entered my Yahoo email address.
>>My other PC with Agent setup for my Verizon email, I used my verizon
>>email address for "username".
>>
>> FYI: I have been using Agent 7.2 for about 5 years for my Verizon
>>email.
>>
>> Does anyone know why I can not use Agent for my Yahoo email?
>>
>> Thank You in advance, John
>>
>At a guess, Yahoo require some form of encryption, which either is
>turned off in Agent or Agent can't do, whereas Yahoo allow your password
>to be sent in clear text. Several of the providers are moving in that
>direction. I believe gmail does expect it by default, though you can (so
>far) turn it off in the webmail interface somewhere.
>>

UPDATE:

I logged into my email account at Yahoo's web site, selected "Account
Information", Turned on, "Allow apps that use less secure sign in...".

That "worked".

Note: Since this email source (Yahoo) is less important than my "main"
email source, "less secure" doesn't bother me.

John

[VanguardLH]

jaugustine wrote:

> I logged into my email account at Yahoo's web site, selected
> "Account Information", Turned on, "Allow apps that use less secure
> sign in...".
>
> That "worked".
>
> Note: Since this email source (Yahoo) is less important than my
> "main" email source, "less secure" doesn't bother me.

Any e-mail client that does not support OAUTH2 is considered insecure by
Google (and other e-mail providers that were lemmings and followed
Google). This is because Google got involved in OAUTH1 but ruined it in
OAUTH2 (by making it easier but less secure than version 1 and also
incompatible with version 1).

https://en.wikipedia.org/wiki/OAuth#OAuth_2.0

OAUTH2 is not a protocol. It is a framework and why anyone implementing
it may come up with their own proprietary protocol. OAUTH2 became not
security protocol for your connection to their server but instead a
means of identifying (aka fingerprinting) who is connecting to their
server (i.e., authentication via identity verus authentication via
credentials). It's not about securing you. It's about securing them.

One of the primary authors involved in OAUTH1 left the OAUTH2 project
because he was disgusted how Google mangled the spec for their own
purposes. Here's a video of the main OAUTH editor, Eran Hammer, until
Google got in the way. He apologizes in a video for the fuckup that
became OAUTH2 and why it sucks:

https://vimeo.com/52882780
(gee, I wonder why this video isn't at Google's Youtube)

Other e-mail providers embraced OAUTH1 or decided to naively follow
Google and went to OAUTH2. That means you cannot use a local e-mail
client unless it supports OAUTH2. If your client does not support
OAUTH2, and as with G[oogle]Mail, you need to go into Yahoo's
server-side settings in your account to disable the wrongly description
option "allow insecure client". You need to configure your account to
allow an "insecure" client connect using their insecure OAUTH2 protocol.

[Shadow]

On Mon, 30 Apr 2018 19:09:30 -0400, jaugu...@verizon.net wrote:

>Hi,
> I recently opened a Yahoo email account. I made a record of the email
>address, password, etc. for safe keeping. Also, I wrote down the settings (eg
>SSL, port 995, etc) I need to enter in an email client such as "Thunderbird".
>Note: I use "Agent" 7.2 for email.
>
> I have no problems sending or receiving emails via Yahoo email at
>Yahoo's web site. However, when I try to use "Agent" email client
>to download my email or send an email, I get a "Rejected your username
>and password (5.7.1 authentication failed)".

Same thing happened to me. Then after 2-3 months it started
downloading my email again. Thunderbird/XP.
Weird. Something their end, I "didn't do nuthin".
In my case, it's just a faux mail account I sometimes use for
giveaways, so I didn't miss anything.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012

[Shadow]

And I just tried it again, and the reply:

"Server error. Please try again later".

;)