Implement DANE for outgoing mail authentication.
DANE ensures that email is only deleverd over a secure path.
John Hepburn commented
I agree that DANE should be implemented for outgoing mail authentication. Currently mailjet relies on a certificate from a certificate authority, but this has been compromised in some cases. DANE provides superior security. I recently saw a statistic (not sure of the reliability) that there are about 24 million mail transfer agents, of which about 4 million now support DANE. I expect that proportion to increase steadily.