Anonymous
Mar 23, 2013, 12:23:10 PM
Ideally, when a mail server sends a message, it takes the most secure
path first, and then downgrades the security as needed until the
message is sent. This means it should make attempts in this order:
1) Create a list of tor exit nodes that do not block port 25
2) Command the tor daemon to exit those nodes exclusively.
3) Send the message SSL over Tor, direct to the recipient's mail server.
4) If that fails, SSL without Tor direct to the recipient's mail server.
5) If that fails, send in the clear direct to the recipient's mail server.
6) If that fails, send in the clear to the recipient's mail server
via non-blacklisted relay.
AFAIK, the configuration that most closely follows that security model
requires hard-coding /etc/init.d/postfix to run "torsocks
start-stop-daemon...". And if that fails, manually remove "torsocks"
and restart.
Is there a better way to implement the above security policy? Are any
mail servers anywhere near this sophisticated?
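
The fallback order from the post above, written out as an added example (not part of the original post and not code from any mail server): a delivery loop that walks the four attempts in steps 3 to 6 and records which security level was actually used. The names `Rung`, `LADDER`, `smtp_attempt`, `deliver` and the optional `floor` cut-off are assumptions of this sketch; the Tor attempt needs a SOCKS-capable transport supplied by the caller and is otherwise recorded as a failure.

```python
import smtplib
import ssl
from dataclasses import dataclass

@dataclass(frozen=True)
class Rung:
    name: str        # label recorded for each attempt
    via_tor: bool    # connect through Tor
    tls: bool        # require STARTTLS before sending
    via_relay: bool  # hand off to a relay instead of the recipient's server

# Steps 3-6 of the post, most secure first. Steps 1-2 (choosing exit nodes
# that allow port 25) belong to the Tor configuration and are not modelled.
LADDER = [
    Rung("tls-over-tor", True, True, False),
    Rung("tls-direct", False, True, False),
    Rung("clear-direct", False, False, False),
    Rung("clear-relay", False, False, True),
]

def smtp_attempt(rung, host, sender, rcpt, data, port=25):
    """smtplib transport for the non-Tor rungs; raises on any failure."""
    if rung.via_tor:
        raise NotImplementedError("needs a SOCKS-aware socket, e.g. torsocks")
    with smtplib.SMTP(host, port, timeout=30) as s:
        s.ehlo()
        if rung.tls:
            # Raises if STARTTLS is not offered or the certificate does not
            # verify, so this rung fails and the loop moves down the ladder.
            s.starttls(context=ssl.create_default_context())
            s.ehlo()
        s.sendmail(sender, [rcpt], data)

def deliver(host, relay, sender, rcpt, data, attempt=smtp_attempt, floor=None):
    """Try each rung in order; return (name of rung used or None, failures)."""
    failures = []
    for rung in LADDER:
        target = relay if rung.via_relay else host
        try:
            attempt(rung, target, sender, rcpt, data)
            return rung.name, failures
        except Exception as exc:
            failures.append((rung.name, type(exc).__name__))
        if floor == rung.name:  # assumption: optional lowest acceptable rung
            break
    return None, failures
```

With `floor=None` the loop reproduces the order in the post; setting `floor="tls-direct"` stops before any cleartext attempt, and the returned failure list shows every downgrade that occurred.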