How Does TLS Encryption Work?
When you send an email from your domain, your Mail Transfer Agent (MTA) queries the receiving server to check whether it supports the STARTTLS command. Once your MTA confirms that the receiver supports STARTTLS, it switches to an encrypted connection and sends the email securely.
But an attacker can disrupt this process, either by rerouting the email to a server they control or by making the STARTTLS query fail, which prompts your MTA to send the email over an unencrypted connection. In either case, the attacker can gain total access to your emails.
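
The fallback described above, as an added example that is not code from the original page: it models the sender's decision after the capability query, using two constructed EHLO replies, one intact and one with the STARTTLS line missing. The function names and the require_tls switch are assumptions made for illustration, not the behaviour of any particular MTA.

```python
# Added example. The EHLO replies below are constructed sample data,
# not captured traffic; mx.example.net is a placeholder host name.

EHLO_NORMAL = (
    "250-mx.example.net\r\n"
    "250-SIZE 35882577\r\n"
    "250-STARTTLS\r\n"
    "250 8BITMIME\r\n"
)
# Same reply as the sender sees it when the STARTTLS line never arrives.
EHLO_STRIPPED = (
    "250-mx.example.net\r\n"
    "250-SIZE 35882577\r\n"
    "250 8BITMIME\r\n"
)


def parse_ehlo(reply):
    """Return the set of extension keywords in a multi-line 250 EHLO reply."""
    lines = [line for line in reply.splitlines() if line.strip()]
    keywords = set()
    for line in lines[1:]:  # the first line names the server, not an extension
        if not line.startswith("250") or len(line) < 4 or line[3] not in "- ":
            raise ValueError("unexpected EHLO line: %r" % line)
        rest = line[4:].strip()
        if rest:
            # Match whole keywords, case-insensitively, never substrings.
            keywords.add(rest.split()[0].upper())
    return keywords


def delivery_decision(reply, require_tls):
    """Decide how the sender proceeds (hypothetical policy switch).

    require_tls=False is opportunistic: encrypt if offered, else plaintext.
    require_tls=True refuses to deliver when STARTTLS is not offered.
    """
    if "STARTTLS" in parse_ehlo(reply):
        return "starttls"
    return "refuse" if require_tls else "plaintext"


if __name__ == "__main__":
    for name, reply in (("normal", EHLO_NORMAL), ("stripped", EHLO_STRIPPED)):
        for strict in (False, True):
            print(name, "require_tls=%s" % strict, "->",
                  delivery_decision(reply, strict))
```

With the opportunistic setting, the stripped reply is indistinguishable from a server that simply lacks STARTTLS, so the message goes out in plaintext; only the strict setting turns the missing capability into a delivery failure.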