The problem is that, as a security solution, having your own mail server and being careful about who you send emails to doesn't scale and it's not feasible in the general case. If you're worried about Google/NSA/spies as the main attackers, I'm not sure hosting your email is the best solution. Yes, it works if you never send email to anyone with Gmail, Yahoo, Hotmail, etc. But that will prevent most normal uses of email. And if you do send email to regular people, then someone, somewhere, will read your emails; that's what they are for after all. And then the privacy of your email is as good as the security measures your recipient has in place.
Same with 2FA: it's a security measure to make it difficult for an attacker to gain access to your account, and one all of us should use, but it's not there to prevent them from reading your emails.
Maybe the overall solution is "don't use email -- self-hosted or otherwise -- for anything sensitive, ever." This will probably work, but is not feasible for most of us.
Same with 2FA: it's a security measure to make it difficult for an attacker to gain access to your account, and one all of us should use, but it's not there to prevent them from reading your emails.
Maybe the overall solution is "don't use email -- self-hosted or otherwise -- for anything sensitive, ever." This will probably work, but is not feasible for most of us.