The active attacker may tell your MUA to use plaintext, but this doesn't mean the whole connection must be unencrypted end-to-end. I don't see why the connection past the attacker can't still use STARTTLS (or even "classic" port-based TLS). Google's servers won't even know the connection is not secured end-to-end.
That said, requiring TLS/STARTTLS on the server side is a good idea. But it doesn't protect against downgrade attacks.
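The situation described in the comment above, as an added example that is not part of the original thread: a pure in-memory simulation of an SMTP submission dialogue in which an active attacker strips `STARTTLS` from the `EHLO` reply on the client's hop while completing STARTTLS on its own hop to the server. The server (which requires TLS before accepting mail commands) sees a TLS session and is satisfied; only a client-side "require STARTTLS" policy stops the downgrade. All hostnames, addresses and reply lines are constructed for the example; nothing touches the network.

```python
# Added example, not code from the original thread. In-memory simulation of
# an SMTP STARTTLS downgrade with constructed messages; no real sockets.
# Hostnames and addresses below are made up.

EHLO_CAPS = ["SIZE 35882577", "STARTTLS", "AUTH PLAIN LOGIN"]


class Server:
    """Toy SMTP server with a server-side TLS requirement: it advertises
    STARTTLS and refuses mail commands until TLS is up on *its* connection."""

    def __init__(self):
        self.tls = False
        self.mail_from_over_tls = None  # value of self.tls when MAIL FROM arrived

    def handle(self, cmd):
        if cmd.startswith("EHLO"):
            lines = ["250-mail.example.com"] + ["250-" + c for c in EHLO_CAPS]
            lines[-1] = "250 " + lines[-1][4:]  # last line of a multi-line reply uses "250 "
            return lines
        if cmd == "STARTTLS":
            self.tls = True  # stands in for the TLS handshake
            return ["220 2.0.0 Ready to start TLS"]
        if not self.tls:
            return ["530 5.7.0 Must issue a STARTTLS command first"]
        if cmd.startswith("MAIL FROM"):
            self.mail_from_over_tls = self.tls
        return ["250 2.0.0 OK"]


def strip_starttls(lines):
    """What the active attacker does to the EHLO reply on the client's hop."""
    out = [l for l in lines if l[4:] != "STARTTLS"]
    if out[-1].startswith("250-"):  # keep the multi-line reply well-formed
        out[-1] = "250 " + out[-1][4:]
    return out


class Mitm:
    """Active attacker between the MUA and the server. It keeps the client's
    hop in plaintext but upgrades its own hop to the server with STARTTLS,
    so the server's TLS requirement is met and the server notices nothing."""

    def __init__(self, server):
        self.server = server

    def send(self, cmd):
        if cmd.startswith("EHLO"):
            reply = self.server.handle(cmd)
            self.server.handle("STARTTLS")  # attacker's leg to the server is encrypted
            self.server.handle(cmd)         # re-EHLO after STARTTLS, as SMTP requires
            return strip_starttls(reply)    # client never learns STARTTLS was offered
        return self.server.handle(cmd)      # relay plaintext commands over the TLS leg


def client_session(send, require_tls):
    """Toy MUA. `send(cmd)` returns the peer's reply lines.
    With require_tls=True the MUA refuses to continue unless STARTTLS is offered."""
    reply = send("EHLO laptop.example.net")
    offered = any(l[4:] == "STARTTLS" for l in reply)
    if offered:
        send("STARTTLS")
        client_hop_tls = True
    elif require_tls:
        return {"client_hop_tls": False, "mail_sent": False,
                "detail": "STARTTLS not offered; aborting"}
    else:
        client_hop_tls = False
    reply = send("MAIL FROM:<alice@example.net>")
    return {"client_hop_tls": client_hop_tls,
            "mail_sent": reply[0].startswith("250"), "detail": reply[0]}


def run(attacker, require_tls):
    """Run one session and report what the client and the server each saw."""
    server = Server()
    send = Mitm(server).send if attacker else server.handle
    result = client_session(send, require_tls)
    result["server_saw_tls"] = server.mail_from_over_tls
    return result


if __name__ == "__main__":
    for attacker, require_tls in [(False, False), (True, False), (True, True)]:
        print(f"attacker={attacker} client_requires_tls={require_tls}:",
              run(attacker, require_tls))
```

With the attacker present and a permissive client, `run(True, False)` reports `client_hop_tls=False`, `mail_sent=True` and `server_saw_tls=True`: the server-side requirement was satisfied on the attacker's leg while the client's leg carried everything in plaintext. Only `run(True, True)`, where the MUA itself insists on STARTTLS, refuses to send.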