HI! Looking at [1] it's not clear to me whether it's possible to require MX RRs of a recipient domain to be DNSSEC signed. Any other configuration option for that?
Ciao, Michael. [1] http://www.postfix.org/postconf.5.html#smtp_tls_policy_maps
smime.p7s
Description: S/MIME Cryptographic Signature
