You can see these messages in all their glory using a dedicated client, as far as I know.
For messages that just have remote content, you can simply click on "show" to force load it.
The thing is, web clients are nice, but pose a problem when the message has such scripts because if compromised, they can escalate to compromise the whole system. Having seen damages from countless infections because people desperately want to click on a link despite all warnings, I personally am all OK from blocking them if there is a high chance that the message is dangerous - at least as the default behavior.
Of course, giving administrators (and even users?) the option to disable safeguards should also be an option, maybe with a disclaimer absolving the service provider and SmarterTools of any responsibility.