Hi, first of all, anyone who has access to your system and may read your config or startup file will be able to read the clear-text password. Without some magic process of salting this is normal by design.
When the process comes to the point of “sending” E-Mail it depends on the service how username and password is exchanged between client and server.
There are some major transports like PLAIN and TLS. While on plain mode the Username:Password is send (and so sniffeable) without encryption, modes like TLS while not send plain data. Which “protocol” should be used will be handshaked by client and server before transmission based on their software support level.
So it is more a question how will you relay your E-Mails. If running meteor on a local server, you could setup a mail-relay with local exim or postfix server, just reachable on localhost without any password. If you wish to use a service like Mailchimp etc. I guess the identification procedure will be encrypted.
Good question, for a 100% analysis I have to check the used smtp library from the meteor package.