Educause Security Discussion mailing list archives

Re: Odd (to me) email info


From: Jeremy Mooney <j-mooney () BETHEL EDU>
Date: Mon, 11 May 2009 17:46:50 -0500

Michael Fox wrote on 5/11/09 17:00:
I have been asked to look at some emails and while I was looking at them (text mode) I saw the following in the body:

Date: Fri, 1 May 2009 13:29:47 -0400
From:X
<X () georgiasouthern edu<http://us.mc455.mail.yahoo.com/mc/compose?to=X () georgiasouthern edu>
To:Y () gmail com<http://us.mc455.mail.yahoo.com/mc/compose?to=Y () gmail com>
Cc:Z
<Z () georgiasouthern edu<http://us.mc455.mail.yahoo.com/mc/compose?to=Z () georgiasouthern edu>

Where X, Y, and Z are three different email accounts. When the email is viewed as HTML it just shows the 3 different 
email accounts. X () georgiasouthern edu, Y () gmail com, etc.

What does the us.mc455.mail.yahoo.com... mean with the local email domain and gmail domain attached? These are not in 
the headers, they are in the body of the email.

I've googled it but can't find anything that tells me what it is. Any help in determining what this means would be 
greatly appreciated.

My guess would be the message was forwarded using the Yahoo webmail
interface, and it inappropriately included the display-side content
intended for use by the person who had been viewing the message
(us.mc455.mail.yahoo.com was the webmail frontend host for the session,
and the link is intended to allow the user to click to compose a new
message to that address). This is a guess as I don't have much
experience with Yahoo's webmail, but I have seen similar types of links
leak out of Exchange when messages are forwarded.

--
Jeremy Mooney
ITS - Bethel University
GPG: 1024D / B151 29F4 3281 0F3A 1403  88A8 6493 D78F 4245 D7F5

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature
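
Added example, not part of the original thread: a Python sketch of how an analyst could separate a message's real headers from the header block quoted in its body and list the webmail compose links left there. The sample message, its example.* addresses and the function names are constructed for illustration; it assumes a single-part text/plain message.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit, parse_qs

# Constructed sample (addresses are placeholders): a forward whose *body*
# holds the original header block with webmail compose links pasted in.
SAMPLE = """\
From: forwarder@example.org
To: analyst@example.edu
Subject: Fwd: meeting
Content-Type: text/plain

Date: Fri, 1 May 2009 13:29:47 -0400
From: X
<x@example.edu<http://us.mc455.mail.yahoo.com/mc/compose?to=x@example.edu>
To: y@example.com<http://us.mc455.mail.yahoo.com/mc/compose?to=y@example.com>
Cc: Z
<z@example.edu<http://us.mc455.mail.yahoo.com/mc/compose?to=z@example.edu>

Original text here.
"""

LINK = re.compile(r"<(https?://[^\s<>]+)>")
FIELD = re.compile(r"^(Date|From|To|Cc):", re.I)

def find_compose_leaks(raw):
    """Return compose-link residue found in the body, never in real headers."""
    body = message_from_string(raw).get_payload()
    leaks, field = [], None
    for lineno, line in enumerate(body.splitlines(), 1):
        if not line.strip():
            field = None                      # blank line ends the quoted block
        m = FIELD.match(line)
        if m:
            field = m.group(1)                # wrapped lines inherit this field
        for url in LINK.findall(line):
            parts = urlsplit(url)
            to = parse_qs(parts.query).get("to")
            if parts.path.endswith("/compose") and to:
                leaks.append({"line": lineno, "field": field,
                              "host": parts.hostname, "address": to[0]})
    return leaks

def summarize(raw):
    """Contrast the transport-level sender with what leaked into the body."""
    leaks = find_compose_leaks(raw)
    return {"real_from": message_from_string(raw)["From"],
            "frontend_hosts": sorted({l["host"] for l in leaks}),
            "quoted_parties": [(l["field"], l["address"]) for l in leaks]}

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

The host reported under `frontend_hosts` identifies the webmail session of whoever forwarded the message, while `real_from` comes from the actual header section and is the value to correlate with mail server logs.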

