Please move this to a plugin.
Business sites are very unlikely to post from e-mail.
People who do need this feature should of course still be able to access it, but for the vast majority it is an attack vector that we don’t want / need and currently need to secure with more code.
Thanks for reading.
This is asking for Core Plugin. I would add this to the Core Plugins list and close the petition.
Core Plugins is part of the roadmap discussion that will happen this week. But I would still close the petition and just note that this feature is a good candidate for Core Plugin.