Comment 11 for bug 3165

Stakeholders would like this addressed in some fashion; optimistic TLS as a requirement is probably a decent approach - and route all non-optimistic-TLS mails tagged for private objects to a blackhole that logs the fact and swallows the mail.