yes but.
most MTAs use opportunistic encryption. so typically the server2server communication is not clear text, but MITM attacks are easy(ish) as there are no central instances (like CAs with HTTPS) or another mean of knowing the identity of the other side before-hand
