To begin with, it makes sense to determine what risks you are going to protect against. Encryption will hide the content from intermediaries (people who have access to emails between your computers). The electronic signature is aimed at confirming that the content and the sender have not changed during the delivery process.
If you are not competent - your server obviously does not make sense - this will only increase the risk.
The classic way is to use PGP/GPG. But do not forget, both you and your counterparties should use it. And this in very small cases generally makes sense without the use of other security measures, because. at this stage, accessing the contents of the computers on which these letters are written / read seems to be an easier task.
I can also recommend the Proton Mail serviceencryption is built-in, plus there are some great features, such as sending an encrypted message to a counterparty that works with regular mail.

Protection against "hacking" of the mail account:
1. Allow access only from the subnets of your provider, where you pick up mail.
2. "Strong" password
3. Use two-factor authentication
4. If the server is yours, you can use certificate authentication.
1. Own mail server with SSL/TLS support
2. Web-"muzzle" with mail interface and SSL/TLS traffic encryption.
Check service: www.checktls.com

Raise the level of your competence and the level of competence of counterparties. Otherwise, open an invoice, and there is a cryptographer. And your business stall-office will be covered with a copper basin.
From an incompetent user, no antivirus will help.

Practical advice.
1. Encryption of the file system where mail is stored.
2. Encryption of connections between servers.
3. Digital signatures of letters via DKIM.
4. Encryption of message texts a la PGP.
For full control of your server. Better dedicated and definitely outside the Russian Federation.