

I know that none of them use a VPN for general-purpose browsing.
Interesting. The most common setup I encounter is when the VPN is implemented in the home router - that’s the way it is in my house. If you’re connected to my WiFi, you’re going through my VPN.
I have a second VPN, which is how my private servers are connected; that’s a bespoke peer-to-peer subnet set up in each machine, but it handles almost no outbound traffic.
My phone detects when it isn’t connected to my home WiFi and automatically turns on the VPN service for all phone data; that’s probably less common. I used to just leave it on all the time, but VPN over VPN seemed a little excessive.
It sounds like you were a victim of a DOS attack - not distributed, though. It could have just been done directly; what about it being through a VPN made it worse?
No.
Use S/MIME or PGP and directly encrypt emails to your recipient. This is the only E2E encryption available to email.
The best metaphor for email I’ve found is that you’re writing your message on a postcard and handing it to your neighbor closest to the destination, who hands it to her neighbor, and so on, until it gets there. There are usually fewer hops, but also your email is broken into packets which could go through god knows how many routers, each of which can read your email.
E2E requires setting up a private key; RFC 821 provided no such mechanism. Your only option is out-of-band negotiation, like PGP.
There is a good proposal out there that sets mail headed announcing that you accept encrypted emails, and includes information about your ID, which clients could parse and verify against public key servers; it hadn’t really gained a lot of traction, as it causes issues for data harvesters but also at the end user side. Like, how is notmuch and mairix supposed to handle these? They’d need permanent access to your private key to decrypt and index the emails, and then now your index is unencrypted.
There’s been a fair amount of debate about this, and it’s a lot of work that would need coordinating between teams of volunteers… it hasn’t made much progress because of the complexity, but it’s a nice solution.