Your argument doesn't make much sense though, as already Chrome and maybe whatever email client you use take into consideration the ability of Windows to protect themselves. So you trying to add extra protection from Windows without other tools is rather a weak way to go about it, even if it actually works. Your method puts all your apples in the same basket and someone hungry enough can eat them.
This is what this thread is about: a default-allow SRP that constrains certain apps and also applies WDAC to them (though WDAC probably merits a separate thread).
If you don’t run malware on purpose and open untrusted docs inside the browser, then browser & email client are the two delivery mechanisms left (excluding some sort of supply chain malware that I haven’t quite figured out how to prevent).
Sure, we are talking about a hypothetical scenario, but you asked for it. In reality, if you worry you will get infected by visiting sites and your email, I would say you are safe and don't need to do anything.