We will secure IMAP with OpenSSL. For this you need Dovecot installed on your server and mutt on the client side.
Next, set up Dovecot to use only imaps, and open the imaps port in the firewall. With your favorite editor, open /etc/dovecot.conf for editing and make your protocol line look like mine:
Let's see which port imaps listens on.
imaps 993/tcp # IMAP over SSL
imaps 993/udp # IMAP over SSL
Next we will modify the script that makes certificates for Dovecot.
Also, adjust the script to match our system (/root/mkcert.sh).
When you install Dovecot, it creates /etc/pki/dovecot with its subfolders. If you look in mkcert.sh you will see that the subfolders already contain dovecot.pem. To avoid confusion, remove it from the system.
Add execute permission to mkcert.sh and run the script.
After this, restart Dovecot and set it to start when the system boots.
Now we need to set up the client side. On both the server and the client I have a user anna, and we will configure mutt to use IMAPS for this account. Log in as anna, create the directory .mutt, and inside it a muttrc file with the following content:
set spoolfile = imaps://security1.setenforce.com/
set imap_force_ssl = yes
If you start mutt now as user anna, you should see that Dovecot uses a self-signed certificate, along with the details of that certificate. Reject that certificate, because we will make a certificate signed by your CA. As in the example of making your own CA, we first need to create dovecot.key.
OK, now we need to create a new signing request.
Now, as the CA, you need to sign the request.
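The key, signing request and CA signature steps above, as an added example that is not from the original article. It builds a throwaway CA in a temporary directory in place of your real one; every file name except dovecot.key, and the CA subject, are assumptions.

```shell
#!/bin/sh
# Added example: throwaway CA plus a Dovecot server certificate, in a temp dir.
# ca.key, ca.crt, dovecot.csr and dovecot.crt are assumed names; only
# dovecot.key and the host name come from the article.
set -e
HOST=security1.setenforce.com

# Self-signed demo CA (stands in for the CA you already operate).
make_demo_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Demo Mail CA" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# Server side: private key, then a signing request naming the IMAPS host.
make_request() {
    openssl genrsa -out "$1/dovecot.key" 2048 2>/dev/null
    chmod 600 "$1/dovecot.key"   # the key must stay readable by its owner only
    openssl req -new -key "$1/dovecot.key" -subj "/CN=$HOST" \
        -out "$1/dovecot.csr"
}

# CA side: sign the request with the CA key.
sign_request() {
    openssl x509 -req -in "$1/dovecot.csr" -days 365 \
        -CA "$1/ca.crt" -CAkey "$1/ca.key" -CAcreateserial \
        -out "$1/dovecot.crt" 2>/dev/null
}

# Checks before installing: 1 = chain does not verify against the CA,
# 2 = certificate does not match the private key, 3 = wrong host in subject.
check_cert() {
    openssl verify -CAfile "$1/ca.crt" "$1/dovecot.crt" >/dev/null 2>&1 || return 1
    cert_pub=$(openssl x509 -in "$1/dovecot.crt" -noout -pubkey)
    key_pub=$(openssl pkey -in "$1/dovecot.key" -pubout 2>/dev/null)
    [ "$cert_pub" = "$key_pub" ] || return 2
    openssl x509 -in "$1/dovecot.crt" -noout -subject | grep -qF "$HOST" || return 3
}

demo=$(mktemp -d)
make_demo_ca "$demo"
make_request "$demo"
sign_request "$demo"
check_cert "$demo" && echo "dovecot.crt verifies against ca.crt and matches dovecot.key"
rm -rf "$demo"
```

With a real CA, skip make_demo_ca and point sign_request at a directory holding your own CA certificate and key under those names.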
After this, just add the certificate to anna's .mutt directory. Open anna's muttrc file for editing and add the following:
It's time to try sending mail to anna. Do the following:
Look for the mail on security2. It should work :)