Funny thing, I was actually looking into this earlier tonight and couldn’t find any info on how to implement MFA with postfix. I did find some discussions of limiting access to known IPs, but that requires manually tracking everyone’s logins. I’ll keep digging though, I’m sure I’ll find something.