Yahoo best practice guidelines: http://help.yahoo.com/l/us/yahoo/mail/postmaster/basics/postmaster-15.html
Yahoo form to submit for an email domain sender to be unblocked: http://help.yahoo.com/l/us/yahoo/mail/postmaster/bulkv2.html
The problem is Phoenix needs to register their activity with Yahoo so they know it is legit bursts of email and not spam. Phoenix likely has no real reputation built up with Yahoo that would avoid this. It is not marketing bursts, but since the sending of this 'poor mans 2FA" is driven by a client's IP changing and more importantly (for this case) by a server restart as to when you get an email about this, it is likely that the bulk blasting that occurs when a few thousand people try to login again right after a restart is why they blocked emails coming from the Phoenix domain. The obvious way to avoid this entirely would have been to save the state of your 2FA efforts and not just blindly ask for them from every single person logging in again after any restart (and staggering the initial emails to get initial state going).
I assume this process of registering and informing Yahoo to please allow a few thousand bursts at times has already been requested, and it is this delay in processing and whitelisting the Phoenix domain(s) that is referred to when Phoenix folks say "we don't know when Yahoo emaiil will be enabled".
