
It's impossible to prevent all cases of social engineering with a purely technical solution, this is true. But that doesn't mean that we should disregard how much easier phishing attacks are with the advent of HTML mail. The goal here is not so much to stop social engineering dead in its tracks as to prevent some of the low-effort attacks that do happen.


But again, I refer you to my HTML5 example. Should we dumb down what websites are capable of rendering to prevent social engineering via the web?

What you're proposing is making things harder to work in the hope that human intelligence will prevail. But the problem is that these cases are where human intelligence has failed, so making things harder is just counterproductive. And this is why you can't prevent social engineering from happening and why crippling technology and creating a worse user experience just to try to catch a few fringe cases is just a backwards approach to handling the issue.

Instead what we need is methods in place to verify the authenticity of senders and better education to users so that they don't make silly mistakes like installing random "virus scanners" from web ads or clicking strange URLs in e-mails (and the URLs themselves could be standardised, e.g. no sub-domains become clickable, to prevent people falling for face.book.com).


But again, I refer you to my HTML5 example. Should we dumb down what websites are capable of rendering to prevent social engineering via the web?

Strawman; we're talking about email, where the combination of header forging and HTML mis-labeling are what's really dangerous, not web pages.


No, we're talking about social engineering and the principle is the same regardless of whether it's e-mail or websites. You take a page - be that of an e-mail or website - make it look legitimate, and get people to follow dodgy links or download dodgy programs. You see the same thing with Facebook malware as well (which spreads by social engineering). So maybe we should close Facebook apps down... actually, I'd be in favour of that last point hehehe.

Claiming this is a straw man argument only demonstrates how unwilling you are to view this from another's perspective. At least I've listened to your arguments and come up with potential workarounds.



