1: I run my own mail server.
2: My friends run their own mail servers.
3: Mail servers today support encryption.
When a friend sends me e-mail, there are no extra relays in between. Their mail server contacts my mail server, establishes an SSL/TLS connection, and the mail goes.
I then fetch it from my server through pop3s or read it on the server.
There are a few vulnerable points here, but none of them are what you list.
- Someone could hijack a DNS server that the sender relies on, adding MX records pointing to a rogue server.
- Someone could man-in-the-middle, intercepting and substituting DNS server traffic in real time to do the same.
- Someone could man-in-the-middle insert a mail server intercepting port 25 and 587, pretending to be the recipient mail server.
- Someone could arrest my friend and beat the living crap out of him.
- Or me.
But all in all, the majority of private e-mail I receive never lives in plaintext except at the end points, which are in our own control. I.e. we won't get caught in a dragnet where everything on an ISP's server is diverted and stored, or where a Big Mail Provider provides copies of everything. That's reassuring to me.
Even if it, like anything else, is not 100% safe, it does mean that anyone reading my e-mail will only do so if deliberately targeting me.
And the US government has shown that they're perfectly willing to do large scale surveillance, intercepting communications of everyone. The prudent thing to do is not to swim in the seas they trawl.
tl;dr: Don't use servers you don't trust.
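
One way to check the "no extra relays, TLS on every hop" property described in the post above on mail you have actually received, as an added example that is not part of the original post: it audits a message's `Received` headers for hops outside the expected servers and for hops whose `with` keyword is not a TLS protocol type. The host names, sample messages and function names are constructed for illustration, and only the `Received` line written by your own server can be relied on, since earlier ones are supplied by the sending side.

```python
import re
from email import message_from_string

# "with" keywords registered for TLS-protected transfers (RFC 3848 and later).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA", "UTF8SMTPS", "UTF8SMTPSA"}
COMMENT_RE = re.compile(r"\([^()]*\)")
BY_RE = re.compile(r"\bby\s+([A-Za-z0-9.-]+)", re.IGNORECASE)
WITH_RE = re.compile(r"\bwith\s+([A-Za-z0-9]+)", re.IGNORECASE)

def strip_comments(text):
    """Drop (possibly nested) parenthesised comments, e.g. '(using TLSv1.3 with cipher ...)'."""
    prev = None
    while prev != text:
        prev, text = text, COMMENT_RE.sub(" ", text)
    return text

def audit_hops(raw_message, trusted_hosts):
    """Return a list of findings; an empty list means every hop was TLS between trusted hosts."""
    findings = []
    received = message_from_string(raw_message).get_all("Received", [])
    for n, header in enumerate(reversed(received), start=1):  # oldest hop first
        text = strip_comments(" ".join(header.split()))  # unfold, then remove comments
        by = BY_RE.search(text)
        proto = WITH_RE.search(text)
        host = by.group(1).lower() if by else "unknown"
        kind = proto.group(1).upper() if proto else "unknown"
        if host not in trusted_hosts:
            findings.append(f"hop {n}: extra relay {host}")
        if kind not in TLS_PROTOCOLS:
            findings.append(f"hop {n}: {host} received without TLS ({kind})")
    return findings

# Constructed sample messages; all host names and addresses are placeholders.
DIRECT = """\
Received: from mail.friend.example (mail.friend.example [192.0.2.10])
\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
\tby mx.me.example (Postfix) with ESMTPS id 4F1A2B3C
\tfor <me@me.example>; Mon, 1 Jan 2024 10:00:02 +0000
Received: from laptop (unknown [198.51.100.7])
\tby mail.friend.example (Postfix) with ESMTPSA id 1A2B3C4D;
\tMon, 1 Jan 2024 10:00:01 +0000
Subject: hi

body
"""
# Same message, but submitted via a third-party relay and delivered without STARTTLS.
RELAYED = DIRECT.replace("with ESMTPS id 4F1A2B3C", "with ESMTP id 4F1A2B3C").replace(
    "by mail.friend.example", "by relay.isp.example")
```
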