The iFrame Tag is normally used in web pages, where it is used to import data and can also import and execute code.
This is why there is great potential for harm when used in an email, code can be executed simply by opening or previewing an email. That is why I wouldn't recommend disabling this check in the Heuristics of the Internet Mail provider, rather when this gets flagged as suspicious, you have to decide if you feel the email is from a trusted source. A pain yes but that way it doesn't leave a hole in your defences.
Some emails use it to import Adverts into the email, but the potential for much more is there. So adding a URL to the permitted URLs will allow all email originating from that domain, not a specific email address.