Is it phishy or ??

[sunday11a]

Hi
Recently i got a mail with

X-Originating-IP: [61.0.45.38]
Return-Path: <contact_namita@usa.net>
From: contact_namita@usa.net
To: username@yahoo.com
Subject: Mail Delivery (failure username@yahoo.com)

Message :
If the message will not displayed automatically,
follow the link to read the delivered message.
Received message is available at:
"www.yahoo.com/inbox/username/read.php?sessionid-25114"

But the link actually points to address mentioned below

"http://mail.yahoo.com/config/login?/cid:111346090:/ym/us/ShowLetter?box=Inbox&MsgId=3067_6097726_1481_1012_794_0_44120_1581_3271377446&bodyPart=2&YY=37512&order=down&sort=date&pos=0"

What is "cid:111346090", any kind of identifier or counter

What is the purpose, any ideas of this mail as normally spams ihave seen are for selling some product or something but this one?

[zENGER]

Looks to me to be a session tracking ID or something. Its on yahoo's site, so I doubt it is something too out of the ordinary. What exactly was at the other end of the link? Just a list of the email in your inbox, or maybe the actual message?

[Striek]

Doesn't look like a phishing scam to me. That login page is being hosted on Yahoo's servers, which would make it kinda difficult for somebody to fake it. Iy looks like an old login page that they've since updated with a new look. The source code doesn't appear to send the information off anywhere it shouldn't, and the login code is almost exactly the same.

However, the redirection attempt in the email is very indicative of a phishing scam. A better look at the email would help. But I don't think this is a scam. Someone correct me if I'm wrong.

[sunday11a]

Well if i click on the link it takes me to the yahoo login page. And i haven't tried to login through it
"A better look at the email" how ?

[Striek]

As in what it would look like to me if *I* had recieved it.

[MrLinus]

"A better look at the email" how ?

What might be helpful is a look at the full headers (obviously remove info that identifies yourself) as well as the full "RAW" source of the email (not the HTML version) but the "view source" version.

An additional thought is that perhaps this email is legit and is the result of a worm using your address in a spoof email (you may not be infected and may not have sent anything but this may be the result of a dead email account).

[RogueSpy]

I've recieved quite a few links to phisher sites lately. Honestly getting tired of them. Most of them are grammatically incorrect too. Morons.

[sunday11a]

MsMittens I am not using any desktop email client but access my email through the web interface of yahoo. I dont know what is view source, but the headers that yahoo shows i am putting them down as it is only my username is changed. The full headers as shown by yahoo.

X-Apparently-To: myusername@yahoo.com via 68.142.225.163; Sat, 23 Apr 2005 03:44:49 -0700
Authentication-Results: mta169.mail.mud.yahoo.com from=usa.net; domainkeys=neutral (no sig)
X-Originating-IP: [61.0.45.38]
Return-Path: &lt;contact_namita@usa.net&gt;
Received: from 61.0.45.38 (EHLO yahoo.com) (61.0.45.38) by mta169.mail.mud.yahoo.com with SMTP; Sat, 23 Apr 2005 03:44:49 -0700
From: contact_namita@usa.net Add to Address BookAdd to Address Book
To: myusername@yahoo.com
Subject: Mail Delivery (failure myusername@yahoo.com)
Date: Sat, 23 Apr 2005 16:14:27 +0530
MIME-Version: 1.0
Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_001B_01C0CA80.6B015D10"
X-Priority: 3
X-MSMail-Priority: Normal
Content-Length: 794

Can any info be extracted from these