Yes, unfortunately the RFC didn't think about the business requirements of places that deal with healthcare. HIPPA requires a secure channel, and so for healthcare<->healthcare we enforce TLS, valid certs, and do cert management. I'd like to be able to encode that in qpsmtpd.
The secure channel requirement is not that much of a hardship; whenever TLS is in force, set a hash key in the object to reflect that. Then write a rcpt hook (which runs first) and returns a 4xx error (or 5xx, I can't decide) if the connection isn't using TLS. This is OK by the RFC's since the MTA is free to refuse e-mail based on internal criteria.
John
