fully supported secure email on all protocols to ensure
sensitive email messages or passwords cannot be read by hackers
or users who may have access to the communication channel
between you and the mail server. If you are running a mail
server that doesn't support this feature then essentially anyone
with access to your network can steal passwords. You can specify
whether to allow users to login in non secure mode or not with
IP range limits too. Almost all popular email clients now
support SSL/TLS. Surgemail will create a self signed
certificates automatically but for production use you should
consider getting a signed ssl certificate from any of the
standard signing authorities. Use the SSL config page within the
web administrator to create a CSR request to use with any
POP: Secure to regular port using STARTTLS, secure to dedicated port.
SMTP: Secure to regular port using STARTTLS, secure to dedicated port.
IMAP: Secure to regular port using STARTTLS, secure to dedicated port.
HTTPS: All web based administration tasks can be done either using secure HTTPS or standard HTTP.
Mirroring / replication: The in-built server mirroring feature mirrors the server over a secure link.
Useful information on SSL in general and certificates may be found here: SSL.com