We run tcp25 from /bin/service and smtpd is able to receive mail via TLS.

From factotum(4):
The factotum owner can use any key stored by factotum. Any
key may have one or more owner attributes listing the users
who can use the key as though they were the owner. For
example, the TLS and SSH host keys on a server often have an
attribute owner=* to allow any user (and in particular,
`none') to run the TLS or SSH server-side protocol.
