Every aktion with the ticket should be possible without clicking anywhere near or in the email content frame

Title: Every aktion with the ticket should be possible without clicking anywhere near or in the email content frame.

1. What is your original issue/pain point you want to solve?

Security through non-interaction.

3. Which are one or two concrete situations where this problem hurts the most?

There are in fact 2 situations at the moment:

• we must click into the content to be able to see the from-to email addresses above the content
• we must click on the small text “show more” (in german “mehr anzeigen”) to expand the content

3. Why is it not solvable with the Zammad standard?

There are no other options to open the from-to header or expand the content.

4. What is your expectation/what do you want to achieve?

I would like to have buttons or similar outside the content.
Also, the foreign content should be clearly and distinctly demarcated.

We want agents/employees to not fall for tricks within the content.

Creators of spam/scam will try everything to get the receiver to click on links.
Those links are either a very pixelated image (to make you curious), a large link-box, or (in worst case) the complete content is behind a link (see screenshot).
Also, the small text “show more” (in german “mehr anzeigen”) could be content of the sender (see screenshot).

The HTML i quickly shot together to create the fake “show more” link:

<!DOCTYPE html>
<html>
  <head>
    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>this</p>
    <p>is</p>
    <p>a</p>
    <p>test</p>
    <p>to</p>
    <p>show</p>
    <p>that</p>
    <p>the</p>
    <p>"show more"</p>
    <p>interaction link</p>
    <p>in the ticket</p>
    <p>can be faked:</p>
    <br>
    <p><small><a href="https://example.com" class="fake-show-more-link"
          style="font-size: 10px" rel="nofollow noreferrer noopener"
          title="https://example.com" target="_blank">show more -fake
          link</a></small></p>
    <style>
        .fake-show-more-link {
            color: blue;
            text-decoration: underline;
            cursor: pointer;
            padding-top: 15px;
            padding-bottom: 15px;
            font-size: 10px !important;
       font-family: 'Fira Sans', 'Helvetica Neue', Helvetica, Arial, sans-serif;
    font-weight: normal;
    font-variant-ligatures: none;
    line-height: 1.45;
        }
    </style>
  </body>
</html>