I've not been through *all* the documentation yet, and my install was put off because I had to switch OSs, but I haven't yet seen whether Zimbra does any in-browser phishing warning: specifically, I'd like to see URL links in emails colorized so as to give users a hint:
1) Link in plain text, heated up by Zimbra: blue
2) Link in HTML, plain text URL matches HREF URL: green
3) Link in HTML, plain text URL that's different from HREF URL: red, and maybe a hover.
4) Link in HTML, non URL as the anchor text: yellow, with a hover
That sounds, on reflection, like it might be a Zimlet. Can you accomplish that with a Zimlet?