Hey, I'd suggest you try to use the new protocol; these doubts you're having would most likely dissipate. It's CLI-only, but it's already fully functional.
That said, I understand your concern that Posting Keys are handled with considerable liberality, and that could pose a security threat to Hive-Mail. But this is not really the case.
First, anyone with your Posting Key can sign account_update2 and custom_json (not requiring Active) operations. This is not my doing; rather, this is dictated by Hive's code. This can be annoying but is not a serious security threat, since your funds can't be touched this way. People could, however, post really shitty things on Hive like they were you, which could lead to reputation damage.
Specifically regarding Hive-Mail, if someone malicious got your Posting Key, the maximum damage he could cause is to register onchain (in your Posting Metadata) a different Public Post-Quantum Key. However, this would be promptly spotted (it's visible onchain), and the user could simply change his Posting Key, knowing it has been compromised. Then the user could change his publicly registered Public Post-Quantum Key, either reverting to the previous one or creating a brand new key.
What really matters here is, there is absolutely zero chance that anyone gets access to messages sent to you by obtaining your Posting Key. To read such messages, an adversary would need: 1) your Private Memo Key, 2) your Private Post-Quantum Key, and 3) he would need to know who you have been communicating with. If any of these elements is missing, there's no way to get access to the messages directed to you.
So, in sum, no, the Posting Key represents no threat to the privacy of Hive-Mail.
RE: Introducing Hive-Mail, a new, quantum-resistant messaging protocol on Hive
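
The on-chain visibility the comment relies on can be checked mechanically. The following is an added example, not part of the original comment or of Hive-Mail's own code: it scans `account_update2` operations for changes to the Post-Quantum key in an account's posting metadata and compares them against the key the user knows to be theirs. The field name `hive_mail_pq_pubkey`, the helper `_update` and the sample operations are assumptions; the page does not give the real metadata layout.

```python
import json

# Hypothetical metadata field; the page does not name the real one.
PQ_FIELD = "hive_mail_pq_pubkey"

def pq_key_changes(operations, account, pinned_key):
    """Report account_update2 ops that change `account`'s registered PQ key.

    operations: iterable of (block_num, [op_name, op_body]) in chain order.
    pinned_key: the PQ public key the user knows to be their own.
    """
    alerts, current = [], pinned_key
    for block_num, (op_name, op) in operations:
        if op_name != "account_update2" or op.get("account") != account:
            continue
        raw = op.get("posting_json_metadata", "")
        if not raw:
            continue  # this update left posting metadata untouched
        try:
            meta = json.loads(raw)
        except json.JSONDecodeError:
            alerts.append({"block": block_num, "reason": "unparseable metadata"})
            continue
        new_key = meta.get(PQ_FIELD) if isinstance(meta, dict) else None
        if new_key != current:
            alerts.append({"block": block_num, "reason": "pq key changed",
                           "old": current, "new": new_key,
                           "matches_pinned": new_key == pinned_key})
            current = new_key
    return alerts

def _update(account, meta):
    # Builds a constructed account_update2 operation for the sample data.
    return ["account_update2", {"account": account, "json_metadata": "",
                                "posting_json_metadata": meta, "extensions": []}]

# Constructed sample operations (not real chain data).
SAMPLE_OPS = [
    (100, _update("alice", json.dumps({PQ_FIELD: "PQ-KEY-A"}))),
    (101, _update("bob", json.dumps({PQ_FIELD: "PQ-KEY-B"}))),
    (102, ["custom_json", {"id": "example", "json": "{}",
                           "required_posting_auths": ["alice"]}]),
    (103, _update("alice", json.dumps({PQ_FIELD: "PQ-KEY-EVIL"}))),
    (104, _update("alice", "{not json")),
    (105, _update("alice", json.dumps({PQ_FIELD: "PQ-KEY-A"}))),
]

if __name__ == "__main__":
    for alert in pq_key_changes(SAMPLE_OPS, "alice", "PQ-KEY-A"):
        print(alert)
```

An alert with `matches_pinned` set to false is the case the comment describes: the registered key no longer belongs to the user, so the Posting Key should be rotated before the key is re-registered.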