Autossh does not do tcp-over-tcp when forwarding, if I understand that correctly. TCP is from localhost client to localhost SSH client, no syn/ack frames are tunnelled, just the data stream.
I've had a similar setup, and also found Wireguard unreliable. Went with Nebula and never looked back, not once I had a network problem caused by it.
People change and feelings change in 25 years, and with children in the house we're more like coworkers than a couple now. There's plenty of opportunities for conflict and so little time for each other. So yes, it's natural to doubt in such circumstances.
The way email forwarding works is: email is being received in full (by Google in your case), they look up processing rules, and send a copy to your Proton account, then optionally delete it.
The only thing you protect yourself from this way is Google knowing your IP address every time you check email. They have seen the contents and all headers of forwarded messages.
There are so many esim providers with websites, use one of these instead. Search "(destination country) esim" in your favourite search engine. You will be presented with a QR code at the end, scan it with your phone (while still in your country or within WiFi range) and you're done.
They don't know shit about me. They know my parents' address (where I don't live), my favourite ATMs and some of my online purchases. They also know how much I pay for energy and heating.
Why not use openssl s_client?