I have a question regarding the security of the email endpoint. Since the email api endpoint is accessible by public roles, any POST request to this endpoint will send emails to any email account from the email set on the “from” property. So doesn’t this raise a concern of possible chances of phishing attacks? Wouldn’t using the Newsletter plugin be the better option?