A further fact that nobody has mentioned in this thread yet is that you can have DNS A and MX records pointing to different servers. The A record is used by web browsers when connecting to a web site, while the MX record is used by mail servers when delivering incoming e-mail.
So for example, if you look at the DNS records for microsoft.com, there is a series of A records giving different IP addresses for microsoft.com which are used by your browser when you try to connect to https://microsoft.com/. There is also an MX record stating that the mail exchanger is microsoft-com.mail.protection.outlook.com., which in turn has different IP addresses from any of the microsoft.com IP addresses, and which is used by mail servers when they want to send e-mail to people @microsoft.com.
The independence of these two records means that if your “mail hosting” consists only of setting an MX record, it won’t affect your ability to obtain or deploy a certificate for your web site in any way.