It can be scalable if you’re prepared to chuck enough money at it. (Response time latencies are another matter, but that is somewhat less important in email.) I have no experience at all of securing production mail servers, so whether they do this or not I don’t know, and other replies here suggest they don’t use HSMs at all. If they do use HSMs then it’s not crazy to assume that they can’t easily publish old private keys, but if they don’t use HSMs then that is irrelevant.