The notifications from YHR may contain pretty personal content, and email is basically not suited for that.
Indeed, emails can be transmitted from an SMTP server to another without secured connection.
Also, notifications often lead to click a link and log-in.
So, do you plan to propose PGP encrypted/signed emails, offering an end-to-end security and allowing users to trust the notifications ?
Also, a post explaining how to set up a client like Enigmail, and a box to drop public keys can be created ?
Thanks for you consideration,