That stuff is actually not that hard, mozilla's engine has compile flags for that stuff and the patches you have to make are minimal. There are a few methods for runtime restrictions too, they're quite extensive in their capabilities and sufficient for sandboxing a mail.
Mozilla's engine is a giant multi-million lines-of-code ball of C++ and Rust and JavaScript weighing in at nearly 200 MiB - not including dependencies. And what if I don't want to support the browser monoculture? Implementing a new one is a daunting task (nigh impossible), but rendering plaintext is easy peasy.
HTML email in practice doesn't need much more than what w3m supports, in some places less - no need for w3m's frame, cookie, or FTP support. w3m is smaller than mutt.
Limiting HTML mail to an agreed subset could actually be a winnable fight compared to more impractical suggestions.
Let's say 50% (or even 30%). How much more code would have been needed to correctly render most of the rest? I strongly doubt it's 200 MiB, probably much closer to w3m's size. HTML email is in practice a large subst of HTML4+a tiny bit of CSS.
