This is more of a suggestion than a bug report - but it would be nice to have Xeams detect when there are "masked" links in an email. For example, we got some spam that has links like:
https://invoices.adp.com...
but, when you hover over them, the link actually goes to a different domain:
www.jrcnet.co.jp..
It would be nice if using this sort of link-masking tactic could be associated with an increase in score!