Recently I have received several spoofed emails requesting me to
verify my Yahoo ID by clicking on a link.  The link within each
message is in the following form:

://www.google.com/url?q=://www.google.com/url?q=://www.google.com/url?q=%%3%348%%3%354%%%3354%%3%350:%%%332f%%%332Fxtmbgyejzf.da.%%352%%355%%32F%%3%33F97t12d8gd6zlua30vllhgppcVBUMG371u3

It appears to use a Google query to find a page on the da.ru domain
which then redirects to a valid Yahoo page.  Outside of the obvious
attempt to disguise the URL, I am curious as to what these people are
trying to do.  They cannot be phishing for usernames and passwords
because the page that you end up on seems to actually belong to Yahoo,
and doesn't have any form to enter information.

Is this just some script gone wrong, or are they looking for a
security hole, or yet another way to relay spam?

I suspect that the long line of characters in the link is used to
match a unique code to your e-mail address.  Basically, when you
clicked on the link, it connected to the da.ru domain and used an
identifier to let them know that the e-mail address that the
identifier was sent to (in this case, yours) is active and being used.
  They turn around and sell the address to spammers.  Noticed a sudden
spike in spam?  They use the same idea by embedding HTML graphics,
because in order to download those graphics, the e-mail client must
connect to their server and if a unique code is assigned to match your
e-mail address, then they again know it is active.  More info and
tips: http://antispam.yahoo.com/tips#t1  Note tip on clicking links
from non-verified senders.  HTML embedding can be disabled by most
clients (Outlook, Yahoo, GMail etc.).  The link then appears redirect
you to a legitimate Yahoo error page, which is used so that you don't
get suspicious.  There is no real way that I could verify this is what
is being done,  but appears to be the case.

Are you are saying this is just an elaborate way to collect email
addresses for spammers?  I don't have HTML enabled either on my Yahoo
account or my "regular" one with my ISP, so they can't use web bugs. 
Maybe some of the characters identify my email, but the majority of
them seem to be intended to hide the real web addresses.  I found a
couple of interesting links regarding this:

http://www.rain.org/~mkummel/stumpers/08dec00a.html - for an
explanation of how it works, and
http://www.gooby.ca/dec.htm - for a hex decoder and other tools to descramble URLs.

My question still remains, WHY are these people putting these links in
emails?  It seems a lot of trouble to go through just to make a
mailing list to send spam.

I work for a large bank that has been targeted for a phishing scam. 
When we find the sites we have them shut down and for that reason
customers going to that site are directed to our actual site. It is a
likely scenario that Yahoo has already shut down the address provided
on the email you received and for that reason it is taking you back to
them.

To do your part to keep your information safe, please remember to:
 
 - Be suspicious of emails with urgent requests for personal financial
information.

 - Do not fill out forms in email messages that ask for personal
financial information.

 - Do not reply to email messages that ask for personal financial information.

 - Avoid using links in email to get to Web pages, especially if you
suspect a message might not be authentic.

 - Ensure that you only use secure Web sites to submit credit card or
other sensitive information.

 - Regularly check your bank, credit and debit card statements to
ensure that all transactions are legitimate.

I guess that's possible.  I am trying to learn more about internet
security, with the idea of eventually hosting a website or two of my
own, as well as for other people.  So I sometimes study the spam I get
to figure out what these people are trying to accomplish, and when
something doesn't make sense, I like to find out why.

It's good to know that Yahoo and others are keeping on top of these
things.  If I try that same link now, it just goes to the homepage of
da.ru, which probably means the original page has been shut down and
Yahoo no longer has an interest in it?