The only way to ensure privacy is something like PGP. Encrypt before you send. Heck you could even encrypt before you put the contents into a message body.
With self hosted, the messages themselves aren’t encrypted at rest and they are clear text between hops even if those hops support TLS in transit.
Note that PGP only encrypts the body, not the subject, sender, or recipient. So it’s only partial encryption and not very private compared to modern messaging services like Matrix. This is a fundamental limitation of email. It’s “Pretty Good Privacy”, not “Very Good Privacy”.
The only way to ensure privacy is something like PGP. Encrypt before you send. Heck you could even encrypt before you put the contents into a message body.
With self hosted, the messages themselves aren’t encrypted at rest and they are clear text between hops even if those hops support TLS in transit.
Note that PGP only encrypts the body, not the subject, sender, or recipient. So it’s only partial encryption and not very private compared to modern messaging services like Matrix. This is a fundamental limitation of email. It’s “Pretty Good Privacy”, not “Very Good Privacy”.