My business deals with healthcare issues. For sending and receiving mail, we use TLS connections, but fail back to plain text if TLS cannot be properly negotiated.

I have email going to several TLS-enabled mail servers but the Cert Authorities for their certs are in the "untrusted issuer" realm of CAs within Postfix. How do I get these valid CAs part of the "trusted ones".

Here's an example:
Mar 21 14:02:15 mail postfix/smtp[26127]: setting up TLS connection to NaviSite.com.s5a1.psmtp.com[64.18.4.10]:25
Mar 21 14:02:16 mail postfix/smtp[26127]: certificate verification failed for navisite.com.s5a1.psmtp.com[64.18.4.10]:25: untrusted issuer /C=US/O=Equifax/OU=Equifax Secure Certificate Authority

Thanks!
Tom