A couple of email privacy tips:
Make sure your email client isn’t leaking your local hostname. For example if you use Claws Mail ►http://www.claws-mail.org enable the “Send account mail address in Message-ID” in each account’s settings.
listen on net0 port 587 tls pki example.net auth mask-source
Note: only use that option on submission ports and not on port 25 otherwise it’ll mask the source of incoming messages as well as outgoing ones.