/etc/postfix/tls_policy database file (
tls_policy.db) is not rewritten automatically and thus needs a manual run of
postmap /etc/postfix/tls_policy befor changes are considered by postfix.
As of policy UCS prevents automated service restarts as we consider the administrator as the only one knowing when a restart is suitable. Therefore UCS does not restart services automatically.
But as postfix restarts automatically when is recons a new version of a database file the rewrite of the file could cause an unintended restart of postfix service. Therefore UCS does not update the database file automatically and is has to be done by the administrator after a change manually by:
The postfix service is then restarted automatically shortly after.