In my experience you’re wrong. Most OpSec failures are not magical or require massive resources but minor single mistake. Beyond that, OpSec is a skill that requires practice. If you only apply only when needed, odds of failure significantly increase.
Since you claim to know so much about what national mail systems know about a piece of mail, what specifically is your understanding of what they know?
Mail enters postal services from multiple points. This can be postboxes, collection and so on, but also other vendors, non-national post offices (universities, big corps), and international entries.
These are batched, scanned (OCR applied), with method of entry tagged to the mail piece. Pieces are risk scored using an unknown to us algorithm. Pieces that trigger being suspicious can be x-ray'd, CT scanned or imaged (eg TSA style scanning) and may also be opened by the postmaster.
There's a whole long bit of what happens once a package is found to actually be contraband that I am going to skip because it's long.
Any piece of mail has attached to it the information on it, it's weight, dimensions and entry point into the system.
Your collection point will potentially capture more materials, depending. Mail offices are government offices and behave like it - security footage, ID checks when doing business, cameras typically behind the desk to capture faces. That footage is typically housed locally unless there is a reason to send it. There is a standard retention policy but variances exist per office.
Mail from other points is much, much less secured and may have no additional security. Mailboxes, in the US especially, do not get government operated video monitoring. Private parties such as HOAs or cities may add their own.
Since you claim to know so much about what national mail systems know about a piece of mail, what specifically is your understanding of what they know?