It's also the weak point - do you trust your domain provider he won't allow a domain move / access based on parts of your personal information, like here [0]?
You shouldn't use the almost-scammers of GoDaddy as an example. Whenever I hear any Domain horror story it's about GoDaddy, it seems like a bad idea to extrapolate from them.
Yes, my main domain is locked by the registry and transfer requires some form of state ID validation with the registry to unlock the domain, before a registrar can transfer the domain.
Should be good enough protection against social engineering targeting registrars.
You can take this a step further. You can set up multiple VM's in multiple regions to be your MX relays for your domains and route the traffic to whichever mail provider you want to use. You can then enforce TLS or set up TLS transport rules to require/optionally validate or enforce name+cert validation for specific domains (banks, etc). This also means that you can queue up mail even if that provider goes offline and you can see if the content is being tampered with (message sizes, headers excluded).
If your mail provider runs into problems or you choose to change, then instead of waiting for DNS to propagate, you simply update your relay configuration.
I should add that not all paid mail providers support this. Some lower-end providers require that you point your MX directly to them. Check before setting this up.
Also is it only domain block and not ip block?
[0] https://medium.com/@N/how-i-lost-my-50-000-twitter-username-...