I think your view of email is romanticized, or perhaps skewed because of your social circle. Email servers sometimes use TLS to talk with eachother, and emails are signed. But that's the extent of encryption when it comes to "real email". Email content is not encrypted in "almost all" of "real email" because almost nobody uses PGP.
I don't know what social circle I should be part of to consider email unsecure.
Even Russian spies use mail.ru and their emails are compromised not by SMTP MitM but by weak passwords, google for "moscow1 moscow2 password" to see what I am talking about )
Anyway. Back to the technical point. Email servers pretty much always use TLS to talk to each other. The connection may degrade to non-encrypted for backwards compatibility, unlike HTTPS. But it's vanishingly rare.
So, for all practical purposes that affect ordinary citizens: injection, scanning and sensitive information extraction, email in transit is quite secure.
For instance, once you disregard so called transactional mail and spam, real email is almost all encrypted for all practical purposes.
DKIM and DMARC also work quite well for spoofing protection, aside from the corner cases like the above.
Average Software Engineers have an outdated idea of email, formed by 1990 era Internet.