…it would be to substitute the actual URL for the requested link text (or image) if the link’s domain does not match the domain of the email’s sender, the link text could still be rendered afterwards (just inert and unclickable).

Bonus points would be to highlight in red the domain name (since it will now be laid bare), to shine a giant spotlight on where the link is going (and maybe even make that the only area of the link that is clickable)?.

Why? It’s pretty straight forward to require SPF to ensure the sender’s domain name is legit… and this then carries the legitimacy a step forward into the link.

It would be 100% transparent to well-behaved domains (even the legit bank emails that train users to fall for phishing attacks with a “click here to login” link would look right/prestine), but provide a giant red flag (“why does this email look so broken”) to phishing emails (and even intentional MITM emails like marketing campaign click counters and URL shorteners) without actually disrupting any work flow (e.g. sharing links via email between friends)… especially since so many of them have terrible link-hygiene and want to encode GOBS of information into the link (I guess so they don’t have to track potential victims in their own database).

It still would not guard against mybank.com being spoofed by my-bank.com, but at some point I suppose the email client must hand off responsibility to the web browser to not suggest login credentials across domains (or maybe do away with passwords entirely).