I don't see any such behavior, and this message, despite being 
spam'ish, if a perfectly valid newsletter message with no active 
content whatsoever.
This rather sounds to me like your webmail system might have get 
hacked. If you really use IMP 4.2, I wouldn't be too surprised, since 
it's ages old and has seen many, also security, fixes since then.

A few minutes ago I received this spam message.  It seemed very 
similar to the spam I receive usually, so I clicked on Delete... but 
instead of being deleted, it just made the browser tab unusable.
Tested on Windows Vista Ultimate Service Pack 2, with the following browsers:
-Google Chrome: IMP tab becomes unusable, all links rendered 
ineffectual.  The only escape is to use the Horde menu if you have it, 
or hit the browser "Back" button.
-Internet Explorer: Cannot use it. Keeps telling me that my browser 
has changed since the start of my session, so I must log in again... 
and again.. and again... despite already having logged out in every 
browser.
-Mozilla Firefox: IMP tab becomes unusable, no matter where I click it 
opens a tab to the spam website - not even Log out works.  The only 
escape is to use the Horde menu if you have it, or hit the browser 
"Back" button.  Having "NoScript" and using it to block the webmail 
doesn't prevent the issue from happening.
-Safari: IMP tab becomes unusable, no matter where I click it opens a 
windows to the spam website - not even Log out works.  The only escape 
is to use the Horde menu if you have it, or hit the browser "Back" 
button.
-Opera: The only one to work all right - the one which allowed me to 
save the message source.