Why not create your own certificate authority, have that issue certificates to the citadel servers you prefer, then turn off all non-secure smtp addresses, and delete references to the other certificate authorities. Then citadel should only accept to transfer email from the authorized domains. Just a theory.
