karnal is absolutely on the money here... smtp encryption is something of a crapshoot - STARTTLS downgrade attacks are pretty trivial due to backwards compatibility.
https://www.elie.net/blog/understanding-how-tls-downgrade-attacks-prevent-email-encryption
When it comes to email, to be absolutely certain you do have to go full tinfoil hat and install some PGP variant...