Yahoo is Editing Your Email
By Janet Roberts

It's true. Peter Mesnik of told us that his tech team discovered Yahoo! Mail changes words in HTML email that could launch malicious code and replacing them with more benign terms:

"In its effort to eliminate malicious HTML and Javascript code in HTML email, Yahoo Mail appears to have gone one step over the edge.

"Normally Yahoo strips out embedded object tags (typically used to display embedded Flash animation) and Javascript code that might pop up a window. Now, however, we notice that this mechanism, or one like it, is actually taking certain words located in the body of the message and it is replacing them.

"For example, if your HTML newsletter contains this sentence:

A common expression in the English language

"And you send this newsletter to a Yahoo Mail account, the sentence will actually be changed to read:

A common statement in the English language

"Even if you send a simple test using Outlook Express with message format set to Rich Text, you can see the result for yourself. The word 'expression' gets changed to 'statement.' There are other words that this happens with as well. For example, 'eval' becomes 'review' and 'mocha' actually becomes 'espresso.' We found this quite amazing and thought it might be an interesting observation for you and your readers.

"For some further info on this subject, take a look at this knowledge base article that was composed by a member of our development team.

"This text:

'I like Mocha! How do I evaluate this? Sounds like an expressionless thing. Or expression. medieval or not?'


'I like espresso! How do I evaluate this? Sounds like an expressionless thing. Or statement. medireview or not?'"

I tested this in my home Outlook Express email client after setting the message format to HTML. Sure enough, my test message was edited when I read it in my Yahoo! account but not when I sent it to my home Road Runner account or to mailboxes at Hotmail, or my work email.

"All the Web clients have issues of one sort or another," Peter said. "Nothing as remarkable as this. We had a good laugh in the office after we got over the disbelief."

This is a shocking development, because it can make the writer look pretty clueless through no fault of his or her own. Any coffee aficionado knows "mocha" isn't the same thing as "espresso."

