There are many problems with email, not just one. Sure, we have SPF, DKIM, DMARC and S/MIME, but they're not used by most people. Especially the most important one, S/MIME (to encrypt your messages/ keep them private).
All but the last are used by everyone as it is basically impossible for mail to be accepted reliably from an email server that doesn't have those set up correctly.
As for S/MIME, certificates are a pain to deal with for most people and all they really care about is transport-level, not E2E encryption.
I'm surprised if that's actually true. I would guess that most peoples' personal and work email accounts are managed through providers like Google or Microsoft, which do enforce all of those security protocols.
Their business products definitely don't enforce S/MIME by default (which is prohibitively difficult with external contacts anyway), and they recommend to set up the things like SPF and DKIM. They usually don't host your DNS so they can't do it for you (though they do tell you exactly what to set and provide a checker to see if you did it right!)
