Make it harder for users to open links
Maybe it's a good idea to disable clickable links by setting
network.protocol-handler.external-default
[1], it not just prevents users to open a link by accident but also minimizes the risk of phishing (hopefully most Thunderbird users don't just copy paste them, for people who insists on opening links, there's still a way left by right-clicking on the link and to just use the context menu). Additionally, it might be useful to disable punycode (network.IDN_show_punycode
[2]), if disabled the ascii link is visible in the status bar (probably most users type the url or copy/paste it by using their password manager, but seeing something like https://www.xn--80ak6aa92e.com/ instead of https://www.аррӏе.com/ (in the status bar, what's hardly notable) doesn't harm them either)
[1] http://kb.mozillazine.org/Network.protocol-handler.external-default