
Yes, sorry, I should have been more clear -- I was specifically referring to it being a violation of RFC2487 to require TLS on a publicly referenced SMTP server (on 25/TCP anyways) that is accepting mail.

One can obviously configure his/her own MTA to not send out mail unless encryption is being used (although one would certainly end up with undeliverable mail), but RFC2487 says that you may not refuse to accept mail (again, on 25/TCP) that is not encrypted.

As with DNSSEC and DANE, like you mentioned, one can also require his/her MTA to validate the server's certificate although this isn't typically enabled by default.
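As an added illustration that is not part of the comment above: the comment names no particular MTA, so this sketch assumes Postfix and shows how the inbound/outbound distinction maps onto its `main.cf` settings. The certificate paths are placeholders.

```ini
# /etc/postfix/main.cf (Postfix assumed; the comment does not name an MTA)

# --- Inbound, public MX on 25/TCP ---
# "may" advertises STARTTLS but still accepts plaintext mail, which is
# what RFC 2487 expects of a publicly referenced SMTP server.
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/postfix/tls/PLACEHOLDER-cert.pem
smtpd_tls_key_file  = /etc/postfix/tls/PLACEHOLDER-key.pem

# Setting this to "encrypt" on the public MX would refuse mail from
# senders that cannot do TLS, the case the comment calls a violation.
# smtpd_tls_security_level = encrypt

# --- Outbound, the operator's own policy ---
# Option A: never send without encryption. Mail for destinations that
# do not offer STARTTLS is deferred and eventually bounces.
# smtp_tls_security_level = encrypt

# Option B: DANE. Requires a DNSSEC-validating resolver. Destinations
# that publish usable TLSA records get an authenticated TLS session;
# destinations with no TLSA records fall back to opportunistic TLS.
smtp_dns_support_level = dnssec
smtp_tls_security_level = dane

# Keep a record of which sessions actually negotiated TLS.
smtp_tls_loglevel = 1
smtpd_tls_loglevel = 1
```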


