Problem

/etc/postfix/tls_policy database file (tls_policy.db) is not rewritten automatically and thus needs a manual run of postmap /etc/postfix/tls_policy befor changes are considered by postfix.

Solution

As of policy UCS prevents automated service restarts as we consider the administrator as the only one knowing when a restart is suitable. Therefore UCS does not restart services automatically.

But as postfix restarts automatically when is recons a new version of a database file the rewrite of the file could cause an unintended restart of postfix service. Therefore UCS does not update the database file automatically and is has to be done by the administrator after a change manually by:
postmap /etc/postfix/tls_policy

The postfix service is then restarted automatically shortly after.