I decided to try Watchguard's Clickaware, (here but you need to be a registered user), to see how my users are. I didn't chose an faked attachment since I have told my users that malicious attachments can't get to them - so I chose an obviously "dodgy" link.

The link appears to point you to freew4rez.ru.download.asp but it really sends you to WatchGuard's Clickaware page. WatchGuard suggests that you make a fake user in Exchange and then send the mail from there. I thought I would go one better. I extracted the public email addresses of all my users from AD and went to one of my "odd" accounts at Yahoo and sent the mail from there....

Here's the fun bit, (I've tested it again and unless I am doing something wrong...), when the email arrives the link shows freew4rez.ru.download.asp but that's where it sends you too. It seems like, in an attempt to prevent phishing from Yahoo accounts, Yahoo recognizes the "hidden" url and replaces it with the shown url..... Needless to say the test failed abysmally because the freew4rez domain doesn't resolve.....

Can someone confirm I'm right..... If so, nice move Yahoo....