I understand that clicking isn't an immediate failure/compromise in phishing campaigns. But in recent weeks, I've seen multiple instances of malicious remote access tools getting installed from opened attachments. Being able to choose whether or not recovery training goes out on clicks or compromise would be a nice feature for some clients who are a little more security conscious than others.