Hi Carsten!
This IS possible, SSL has it’s caveats but usable…
But you’ll need to heavily customize the templates, I assume!
Start with:
mkdir -p /etc/e-smith/templates-custom/etc/dovecot/dovecot.conf/
cp -r /etc/e-smith/templates/etc/dovecot/dovecot.conf/* /etc/e-smith/templates-custom/etc/dovecot/dovecot.conf/
Adapt as needed, then expand the template and restart dovecot.
expand-template /etc/dovecot/dovecot.conf
systemctl restart dovecot
check with
systemctl status dovecot
If possible, use a VM environment for testing first, at least until you have the basics together.
Clients like Thunderbird will have less issues, I assume the biggest challenge will be mobile phones! Test well!
I have done this, but without the external IMAP / SMTP access - that wasn’t required by my client.
Outgoing was set using smarthost on the internal NethServers, and a dedicated smtp-clientname user for each NethServer “Backend” behind the “Mailrelay” NethServer.
Tip: Have a user maillog on the Frontend, with automatic BCC enabled - at least for starting, until you’re sure no mails get lost! If legal and client wants it, (and you have space) you can keep that for protocoll / archiving reasons…
My 2 cents
Andy