I think so too, that right now personal domains are the best solution. But they are not perfect either. Think of all the scam and phishing emails where they pretend to be idk Google and get a domain that looks almost the same as the real one
https://www.thesslstore.com/blog/unicode-domain-phishing/